Recipient verification from post-office in down stream issue

Sat, 31 Jan 2009 12:49:25 -0800 

Hello,

My postfix server i configured to reject unverified server for a domain
"recipient.tld". The record MX for this domain points to my server. When
my  MTA receive messages for "recipient.tld", then the messages are
forwarded to the server with IP 10.30.32.7.

In main.cf I have.
smtpd_recipient_restrictions =
    check_sender_access proxy:mysql:/etc/postfix/mysql-check-sender-access.cf
    check_recipient_access
proxy:mysql:/etc/postfix/mysql-check-recipient-access.cf
    check_client_access proxy:mysql:/etc/postfix/mysql-check-client-access.cf
    permit_mynetworks
    permit_sasl_authenticated
    check_policy_service inet:127.0.0.1:54000
    reject_unauth_destination
.
.
.

where the query in check_recipient_access is

select restriction from domain where domain='%s' and active='1'

which returns reject_unverified_recipient for the domain "recipient.tld".

As an example I report a log for an unverified recipient:

Jan 31 19:52:52 av5 postfix/smtpd[6764]: NOQUEUE: reject: RCPT from
unknown[89.105.251.144]: 450 4.1.1 <gsin...@recipient.tld>: Recipient
address rejected: undeliverable address: host 10.30.32.7[10.30.32.7] said:
550 gsin...@recipient.tld... No such user (in reply to RCPT TO command);
from=<gs...@cablenet.com.ni> to=<gsin...@recipient.tld> proto=SMTP
helo=<amerblind.outbound.ed10.com>
Jan 31 19:52:52 av5 postfix/smtp[9373]: 0923C226ED8:
to=<gsin...@recipient.tld>, relay=10.30.32.7[10.30.32.7]:25, delay=0.11,
delays=0.01/0/0.07/0.03, dsn=5.0.0, status=undeliverable (host
10.30.32.7[10.30.32.7] said: 550 gsin...@recipient.tld... No such user (in
reply to RCPT TO command))

The second log is not clear for me because it is queued and sent to the
server in downstream. Infact:

Jan 31 19:52:52 av5 postfix/cleanup[7729]: 0923C226ED8:
message-id=<20090131185252.0923c226...@av5.sttspa.it>
Jan 31 19:52:52 av5 postfix/qmgr[10277]: 0923C226ED8:
from=<postmas...@av5.mydomain.tld>, size=257, nrcpt=1 (queue active)
Jan 31 19:52:52 av5 postfix/smtp[9373]: 0923C226ED8:
to=<gsin...@recipient.tld>, relay=10.30.32.7[10.30.32.7]:25, delay=0.11,
delays=0.01/0/0.07/0.03, dsn=5.0.0, status=undeliverable (host
10.30.32.7[10.30.32.7] said: 550 gsin...@recipient.tld... No such user (in
reply to RCPT TO command))
Jan 31 19:52:52 av5 postfix/qmgr[10277]: 0923C226ED8: removed

It is possible to modify postfix configuration so that message from
postmas...@av5.mydomain.tld is avoided? Or it is is necessary for address
verification of the addresses managedon the server in downstream?

My second question is, why I see a SMTP status 450 even if my server
reject the message? Maybe I have set:

unverified_recipient_reject_code = 550

?

rocsca

Reply via email to