> Postfix supports what you've described. You must have made some
> other mistake.
believe me that's what I thought first :-) But the only reason this
would not fire is that a prior restriction already OK the mail. To test
I commented all client restrictions and placed my check_sender access on
(almost) top of sender_restrictions
smtpd_sender_restrictions = reject_unknown_sender_domain,
reject_non_fqdn_sender,
check_sender_access hash:/etc/postfix/do_callahead,
[....]
so the restriction is well before any restriction that could ACCEPT the
mail.
postmap tells me that it gets the correct value from the map
$ postmap -q 'example.com' /etc/postfix/do_callahead
reject_unverified_recipient
Am 13.11.18 um 17:18 schrieb Noel Jones:
> On 11/13/2018 9:43 AM, Tobi wrote:
>> Hello list
>>
>> I'm trying to achieve that a certain sender (or sender domain) must have
>> the recipients verified. Thought that it could be done with a
>> restriction class:
>>
>> #main.cf
>> smtpd_restriction_classes = DO_CALLAHEAD
>> DO_CALLAHEAD = reject_unverified_recipient
>> smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/my.map
>>
>> #my.map
>> example.com DO_CALLAHEAD
>>
>> But if I test with example.com sender on a remote rcpt that is rejected,
>> the msg is always accepted and a bounce has to be sent back to sender.
>> Which is what I'm trying to avoid for this particular sender with rcpt
>> verification.
>>
>> Is there a way to achieve that with postfix?
>>
>> Thanks for any idea
>>
>> tobi
>>
>
>
> Postfix supports what you've described. You must have made some
> other mistake.
>
> You can simplify your config by not using a restriction class, which
> isn't required for this particular function.
>
> # my.map
> example.com reject_unverified_recipient
>
>
>
>
> -- Noel Jones
>
