Hello,
after reading most of this thread I'd like to add:
On 16.01.26 19:29, Randy Bush via Postfix-users wrote:
there are a fair number of domains being forwarded, most to a remote
default smtp server which actually deals with all the virtuals plus
a few hundred local mailboxes.
I hope you reject local non-existing recipients immediately, so they don't
hit rspamd before mail is rejected.
...processing with rspamd is likely heavier than regexp/pcre header_checks
If you forward recipients of bogus.com to well-known smtp server, and that
server is able to reject non-existing users, you can use
reject_unverified_recipient
as described in
http://www.postfix.org/ADDRESS_VERIFICATION_README.html
That way, you don't need to match existing/non-existing addresses in access
file, you can delegate verification of users to that server.
just this one particular domain, bogus.com, seems to attract hundreds
of spam emails a day which rspamd classifies as /X-Spam: YES/ which i
have to review manually.
You can limit verification to one domain
...but if you forward to the same server, why not all of those.
I have similar setup on one of mail gateways:
smtpd_sender_restrictions =
reject_non_fqdn_sender,
[...]
check_sender_access hash:/etc/postfix/verify.sender
smtpd_recipient_restrictions =
reject_non_fqdn_recipient,
[...]
check_recipient_access hash:/etc/postfix/verify.recipient
/etc/postfix/verify.sender
bogus.com reject_unverified_sender
.bogus.com reject_unverified_sender
/etc/postfix/verify.recipient
bogus.com reject_unverified_recipient
.bogus.com reject_unverified_recipient
--
Matus UHLAR - fantomas, [email protected] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I feel like I'm diagonally parked in a parallel universe.
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
