Chris Wopat via Postfix-users:
> Thank you! changing from 'error' to 'smtp' did indeed do the trick.
>
> Follow up, I clearly have a config ported over time, I see that
> `smtpd_relay_restrictions` is perhaps what I now want to use instead
> of `smtpd_recipient_restrictions`
>
> It appears to be working with the above fix as well as:
>
> smtpd_relay_restrictions = permit_mynetworks, check_client_access
> cidr:/etc/postfix/access, permit_sasl_authenticated,
> reject_unauth_destination
> smtpd_recipient_restrictions =
>
> Just confirming this is valid? I simply inverted the contents of each
> of these - previously realy_restrictions was empty.
Yeah. But there is one remaining problem: your Postfix server is
sending bounce messages when a customer's SMTP server rejects a
non-existent recipient. That can be a lot when a spammer is doing
a dictionary attack.
That would not happen when you have a valid recipient list; then
Postfix would reject RCPT TO, and the spammer would move on.
You can build that list dynamically by chganging /etc/postfix/access:
Old:
example.com OK
New:
example.com reject_unverified_recipient OK
But that could be a slow process because it needs a remote SMTP
client (not in mynetworks or SASL authenticated) to contact your
server wile the customer's server is up.
Wietse
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
