I have a domain getting hit this morning that is not being used any longer, so I decided to just reject all mail to that domain. I put the domain in my recipient_checks file as 'example.com REJECT', postmap'd the file and did postfix reload. But still piling up in the logs with address verification probes, I have my recipient_checks before address verification in my smtpd_recipient_restrictions, can someone tell me where else I need to reject the domain...thanks, Robert
esmtp# postconf -n address_verify_map = btree:/home/mta/verify address_verify_poll_count = 1 bounce_queue_lifetime = 1d broken_sasl_auth_clients = yes canonical_maps = ldap:/usr/local/etc/postfix/ldap/canonical.cf command_directory = /usr/local/sbin config_directory = /usr/local/etc/postfix content_filter = smtp-amavis:[127.0.0.1]:10024 daemon_directory = /usr/local/libexec/postfix delay_warning_time = 4h disable_vrfy_command = yes html_directory = no mail_name = WebTent ESMTP Postfix Internet Mail Gateway mail_owner = postfix mailbox_size_limit = 102400000 mailq_path = /usr/local/bin/mailq manpage_directory = /usr/local/man maximal_backoff_time = 1000s maximal_queue_lifetime = 3d message_size_limit = 51200000 mynetworks = 127.0.0.0/8, 10.0.0.0/8 newaliases_path = /usr/local/bin/newaliases queue_directory = /var/spool/postfix readme_directory = no relay_domains = ldap:/usr/local/etc/postfix/ldap/transport.cf sample_directory = /usr/local/etc/postfix sendmail_path = /usr/local/sbin/sendmail setgid_group = maildrop smtp_send_xforward_command = yes smtp_tls_note_starttls_offer = yes smtp_use_tls = yes smtpd_banner = $myhostname ESMTP $mail_name USE OF THIS SERVER INDICATES THAT YOU HAVE READ AND AGREED TO OUR AUP. UCE IS NOT ALLOWED. smtpd_data_restrictions = reject_unauth_pipelining, permit smtpd_helo_restrictions = permit_mynetworks smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, check_client_access cidr:/usr/local/etc/postfix/relay_clients, check_client_access ldap:/usr/local/etc/postfix/ldap/relay_clients.cf, check_client_access hash:/usr/local/etc/postfix/client_checks, reject_unauth_destination, reject_non_fqdn_sender, reject_non_fqdn_recipient, check_policy_service unix:private/policy, check_helo_access hash:/usr/local/etc/postfix/helo_checks, check_recipient_access hash:/usr/local/etc/postfix/recipient_checks, check_recipient_access pcre:/usr/local/etc/postfix/recipient_checks.pcre, reject_rbl_client list.dsbl.org, reject_rbl_client zen.spamhaus.org, reject_unverified_recipient, permit smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous smtpd_sender_restrictions = check_sender_access hash:/usr/local/etc/postfix/sender_access permit_mynetworks reject_unknown_sender_domain smtpd_tls_auth_only = yes smtpd_tls_cert_file = /usr/local/etc/postfix/ssl/postfix_public_cert.pem smtpd_tls_key_file = /usr/local/etc/postfix/ssl/postfix_private_key.pem smtpd_tls_loglevel = 2 smtpd_tls_received_header = yes smtpd_tls_session_cache_database = btree:/home/mta/smtpd_scache smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes tls_random_source = dev:/dev/urandom transport_maps = ldap:/usr/local/etc/postfix/ldap/transport.cf unknown_local_recipient_reject_code = 550 unverified_recipient_reject_code = 550 unverified_sender_reject_code = 550 -- Robert
