On Mon, Oct 21, 2024 at 12:28:59PM -0400, Wietse Venema via Postfix-users wrote:
> > Cute. I'll just throw that into an access map, and... nope, they get
> > 550 5.0.0, as noted in access(5). Makes sense, but standards compliance
> > isn't a terribly compelling argument when the other side can't be
> > bothered.
> >
> > How can I convince Postfix to stop helping and do what I said?
>
> That is, it will reply with 5.1.1 only when it detects a 'user
> unknown' condition.
>
> You can fake a 'user unknown' condition with milter-regex (a Milter
> plugin) or with postfwd (a check_policy_service plugin). These can
> reply with "550 5.1.1 user unknown in reply to RCPT TO", when the
> remote SMTP client domain or IP address matches some pattern.
No external helpers required, just use a restriction class:
main.cf:
smtpd_restriction_classes =
reject_550_511,
# any others ...
reject_550_511 =
# This synthesises in a recipient context
check_recipient_access static:{550 5.1.1 Surely you jest}
smtpd_recipient_restrictions =
reject_unauth_destination,
check_sender_access inline:{
{[email protected] = reject_550_511}}
check_client_access inline:{
{192.0.2.1 = reject_550_511}}
# ... whatever ...
Any access rules that resolve to "reject_550_511" will yield results
similar to:
220 amnesiac ESMTP Postfix
EHLO example.com
250-amnesiac
250-PIPELINING
250-SIZE 157286400
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-SMTPUTF8
250 CHUNKING
mail from:<[email protected]>
250 2.1.0 Ok
rcpt to:<[email protected]>
550 5.1.1 <[email protected]>: Recipient address rejected: Surely
you jest
QUIT
221 2.0.0 Bye
--
Viktor.
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]