H?kon Alstadheim:
> I have a rather convoluted multi-instance setup that mostly works to my
> liking, with spam-filters, hand-off to mailman, dkim-signing and
> whatnot. One problem is that mis-typed outgoing addresses (host part)
> from my local, authenticated users end up deferred (450) and not bounced
> back to the sender. I am a bit wary of enabling bounces, but if I can
> make sure that I don't bounce incoming mail, I should be OK.
You are not supposed to accept and deliver mail for a remote recipient
domain (whether it exists or not) from unauthenticated clients or
untrusted clients. That would be an exploitable open relay.
As long as that condition is met, only authenticated or trusted
clients can specify a non-existent recipient domain.
> Long story short, If in a specific postfix instance I am SURE I'm only
> handling mail submitted by authenticated users, I should be OK to change
> unknown_address_reject_code to 550 ?
I think so. This controls the handling of a non-existent domain with
reject_unknown_recipient_domain and reject_unknown_sender_domain.
Wietse
> I don't want to do the change in submit (before queue) because I have a
> dance with DKIM signing before handing off to address-mapping and
> further to relay/local delivery/mailman,
>
>
