Since I have moved all local users to virtual users and switched dovecot to
lmtp from lda, I was able to add reject_unverified_recipient to my
restrictions, and it occurred to me maybe some of the other restrictions could
be eliminated.
Do reject_non_fqdn_recipient, reject_unauth_destination, do anything that isn’t
done with the check for unverified recipient?
smtpd_recipient_restrictions = reject_unauth_destination
reject_non_fqdn_sender
reject_non_fqdn_recipient
reject_unknown_recipient_domain
reject_unknown_sender_domain
reject_unlisted_recipient
reject_unlisted_sender
reject_invalid_hostname
reject_unverified_recipient
reject_unknown_reverse_client_hostname
reject_unknown_client_hostname
permit
The sample block at <http://www.postfix.org/ADDRESS_VERIFICATION_README.html>
shows this being added late in the list, and after
reject_unknown_recipient_domain, but is that check necessary when the probe
postfix does is local (I understand the answer is different when dealing with a
relay domain that is probing another server).
Does it matter if there are only hundreds of addresses instead of tens of
thousands?
If nearly all users accounts get at least an email a day, will any probes be
done at all after the first day? (That is, how persistent is the persistent
database postfix keeps of verified recipients? Does it persists through reloads
of postfix, reboots of the system?)
--
Do not meddle in the affairs of Dragons for you are crunchy and taste
good with ketchup
