On 3/22/2016 8:54 PM, Rick Zeman wrote: > OS X Postfix system rebuilt as a relay with no local mailboxes, but > we're not passing inbound mail to the final destination except for the > few people who have local accounts on the postfix server. Soft bounce > is on....luckily (great safety net, Wietse). I have something that's > negating reject_unverified_recipient and I don't see what it is. Can > another set of eyes help? Thanks! >
What do you mean by negating? Do you have postfix logs (NOT debug logs) demonstrating the unexpected behavior? > mydestination = No local domains. OK. > mydomain = pointyears.net > myhostname = miniserv.pointyears.net > mynetworks = 127.0.0.0/8, [::1]/128 , 192.168.1.0/24 > relay_domains = pointyears.net pointyears.org relay_domains with no relay_recipient_maps, so any user should be accepted, subject to later reject_unverified_recipient. > relayhost = smtp.comcast.net:587 > smtp_generic_maps = regexp:/Library/Server/Mail/Config/postfix/generic.regexp > smtpd_client_restrictions = permit_mynetworks permit_sasl_authenticated permit The above is basically a no-op; permit anything. That's OK, you can simplify by removing the line. > smtpd_recipient_restrictions = permit_sasl_authenticated > permit_mynetworks reject_unauth_destination > reject_unverified_recipient This looks reasonable. Addresses to a domain handled by postfix will trigger a recipient probe, unless from mynetworks or SASL AUTH. You testing from inside your network? > soft_bounce = yes And any reject will be turned into a 4xx defer. > > transport: > pointyears.net smtp:[192.168.1.5]:587 > pointyears.org smtp:[192.168.1.5]:587 > So what problem are you having? -- Noel Jones
