On 3/10/2014 3:32 PM, Blake wrote: > Greetings, > > I have a postfix server which is running great and would like to > clean up a few items. > > Due to systems outside of my control I am unable to remove invalid > recipient addresses which are known to be bad. I wish threatening > the owners of the systems worked but I wish to remain employed. > > In short I have several systems sending emails to invalid addresses > which are bounced by Google. I would like to reject the messages at > the postfix system using an access list. > > I thought this configuration would work but it is not having the > desired effect. > > smtpd_relay_restrictions = permit_mynetworks, check_recipient_access > hash:/etc/postfix/blacklist_recipient, reject_unverified_recipient, > reject > unverified_recipient_reject_code = 450
That won't work because allowed clients are already permitted by permit_mynetworks. Additionally, recipient checks should not be in relay restrictions; you should reserve that section for relay decisions only. Note smtpd_relay_restrictions is available in postfix 2.10 and newer. You didn't mention what version you have. And be aware some other admins will consider the additional probes from reject_unverified_recipient to be abusive, and may block you. If you feel you need reject_unverified_recipient, use an access map to limit it to a few domains such as gmail, aol, etc. > > I have also tried without any success. > smtpd_recipient_restrictions = check_recipient_access > hash:/etc/postfix/blacklist_recipient > http://www.postfix.org/postconf.5.html#smtpd_recipient_restrictions That should work with postfix 2.10 and newer. Previous versions of postfix require additional commands in smtpd_recipient_restrictions. http://www.postfix.org/postconf.5.html#smtpd_recipient_restrictions I would suggest to put these in smtpd_sender_restrictions and not mess with either smtpd_recipient_restrictions or smtpd_relay_restrictions. http://www.postfix.org/SMTPD_ACCESS_README.html#danger # main.cf smtpd_sender_restrictions = check_recipient_access hash:/etc/postfix/blacklist_recipient # blacklist_recipient [email protected] REJECT unknown recipient [email protected] REJECT unknown recipient gmail.com reject_unverified_recipient hotmail.com reject_unverified_recipient -- Noel Jones
