Andreas Ntaflos wrote:
Thank you for your reply! Reading through it and re-reading the Postfix
documentation gave me the clue I needed.
Unfortunately I forgot to mention that I didn't have a virtual_mailbox_maps
directive defined in Postfix's main.cf, so Postfix couldn't know anything
about which virtual recipients were valid and which weren't. Since that
particular map was optional and everything worked fine during my tests (which
didn't include sending mail to an invalid virtual recipient, shame on me) I
quickly forgot about it.
Naturally that was the root of problem I was facing.
Defining a virtual_mailbox_maps file with all valid virtual users solves the
problem in principle, however now I need to maintain two files with valid
virtual users for valid virtual domains: the passwd-file for Dovecot
(/etc/dovecot/passwd) plus the vmailbox file for Postfix
(hash:/etc/postfix/vmailbox).
use a script to generate the virtual mailbox maps files from a single
source file. you can use a Makefile to rebuild only when the source file
changed.
I suppose this is unavoidable when using flat files and would be better solved
using a real database backend, but it makes me wonder if there really isn't
anything Dovecot could do about this?
Seeing as Dovecot recognises when a virtual recipient is invalid, couldn't it
somehow put the to-be-rejected mail back to Postfix (or whichever MTA)?
as already said, you should reject invalid recipient during the smtp
transaction. there's already too much backscatter out there, and the
borked sites are listed in backscatterer.org.
Or
should it just drop it?
No, because people sometimes mistype addresses and you don't want to
blackhole such mail. if I send mail to [EMAIL PROTECTED], and you discard
that mail, I'll assume that you received it. now suppose this mail is
important ("Hi Andreas, there is a problem at foo bar, tell me if I
should handle it...").
I don't know what the SMTP (whichevery protocol is to
be followed here) says about this, so I pose the question again:
if you accept the message during the smtp transaction, you take
responsibility and you should not lose it "frivoulously". This
requirement is what makes email as reliable as it is, at the expense of
disk IO overhead (before saying "ok", the MTA must sync the file to
permanent storage, so that it survives server crashes... etc).
of course, servers should never bounce spam and viruses. as a result, it
is important to reject as much junk during the smtp transaction and to
minimize failures after a message was accepted. In particular, it is no
more acceptable to bounce mail because the recipient is invalid. quota
bounces and exceptional server errors are still acceptable because they
don't occur too often.
Note that this also applies to auto-responders (vacation, ...).
auto-responders must follow the recommendations of rfc3834 as well as
other best practices.
Is there anything Dovecot itself can do to reject or handle mail to invalid
virtual users? Or does this situation *have* to be dealt with earlier, by the
MTA?
yes. see www.backscatterer.org for an incentive ;-p