On Thu, Apr 22, 2010 at 01:12:24PM +0200, Rainer Frey wrote: > Do you define all valid recipients there (e.g. in you example virtual file > [email protected])?
Yes. > But this is at the delivery stage, when the mail has already been accepted. > This means, if no homedir/mailbox is found, bounce mails are sent, to > potentially forged senders. That is backscatter. > > I'm not talking about aliases, I'm talking about recipient addresses of > virtual mailboxes. You need to verify whether a mailbox exists for a > recipient > address in the SMTP server before accepting the message. Possibly. But this could then be fixed by adding another recipient restriction, is that what is bothering you? > Indeed, but you offered the original poster your solution as one that "should > be good enough for what you are trying to achieve", but your solution leaves > out the aspect of the valid recipient list for the virtual mailbox domain > address class. This was not meant to say this is the ultimate one and only solution. See for recipient_restrictions esspecially, everyone may have different needs. But at least someone *may* a starting point. Feel free to refine the setup. > Of course, but it would be a viable alternative to a lookup table for the > recipients. Will look into it, but maybe you can add your thoughts how you would do. Thomas
