> On 10/28/2009 7:23 PM, Peter Macko wrote:
> > DNS that is used by postfix stopped working and consequently caused
> > postfix respond to:
> > 1. senders from outside: NOQUEUE: reject: RCPT from
> > unknown[194.168.1.66]: 450 4.1.8
> > 2. senders from inside (LAN): NOQUEUE: reject: RCPT from
> > unknown[172.16.125.115]: 450 4.1.2
> >
> > 1. case looks Ok, mailservers from outside keep trying to deliver the
> > rejected messages.
> > 2. case is not that good. Email clients on LAN e.g. outlook generate
> > failed delivery message 450 4.1.2.
> > The problem is that I use AVG antivirus to check emails and it will not
> > generate any message in this case.
> > In case of DNS failure, can I configure postfix to construct standard
> > message (failed delivery) for senders from LAN (local users of postfix
> > server) and
> > for senders from outside (other email servers) to keep responding 450 4.1.8?
> >
>
> Yes, don't subject internal or authenticated users to
> reject_unknown_client_hostname checks.
>
> Make sure the permit_mynetworks and/or
> permit_sasl_authenticated is listed first.
>
> If you need more help, refer to the list welcome message you
> received when you signed up, or see
> http://www.postfix.org/DEBUG_README.html#mail
>
>
> -- Noel Jones
Thanks, your advice was helpful.
I still have one problem. When I send email from mynetworks to local user that
does not exist,
postfix does not construct error message.
In maillog:
Nov 2 11:01:05 mail postfix/smtpd[5083]: NOQUEUE: reject: RCPT from
unknown[A.A.A.A]: 550 5.1.1 <u...@domain.eu>: Recipient address rejected: User
unknown in local recipient table; from=<us...@domain.eu> to=<u...@domain.eu>
proto=ESMTP helo=<oit03>
postconf -n
alias_maps = hash:/etc/aliases
bounce_template_file = /etc/postfix/bounce.cf.sk
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
header_checks = regexp:/etc/postfix/header_checks
home_mailbox = Maildir/
html_directory = no
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
message_size_limit = 20480000
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mynetworks = 10.10.1.0/24, 127.0.0.0/8, 172.16.125.115/32
mynetworks_style = host
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_invalid_helo_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_unauth_destination,
reject_rbl_client sbl.spamhaus.org,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client dul.dnsbl.sorbs.net
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
unknown_local_recipient_reject_code = 550
Thank you again
_________________________________________________________________
Windows Live: Make it easier for your friends to see what you’re up to on
Facebook.
http://www.microsoft.com/middleeast/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:en-xm:SI_SB_2:092009
