Paul Cocker wrote:
Thanks for the clarifications. I've compiled virtual and progress is being made.
As we receive around 100 000 mails a day, I assume that doesn't fall into the category of
"low volume", so I don't think reject_unverified_recipient would be suitable,
nor is maintaining a list of valid e-mail addresses in postfix manually.
So at this point I'll see to setup a method for queering AD, and I see the HOWTO section has a couple of articles which cover this. My only concern would be the risks in opening up communications to AD from the DMZ.
Please don't top post. put your replies after the text you reply to.
google if this is not clear.
you can have a periodic task to dump the users list. the list of valid
users doesn't change often. if you are concerned about newly created
users, you could work around this (tempfail at first try. similar to
greylisting) but you'll need a log parser or a policy service to
"update" the config. probably not worth the pain.
alternatively, you can consider ldap replication.
