On Tue, Jan 31, 2023 at 11:30:59PM -0500, post...@ptld.com wrote:
> I am looking to understand if I misinterpreted the documentation or if this
> is an issue with postfix.
>
> main.cf
> smtpd_reject_unlisted_recipient = no
> smtpd_data_restrictions = reject_unlisted_recipient
This won't work for multi-recipient messages.
> My intention is to prevent postfix from rejecting invalid recipients
> at the RCPT command and only reject them at the DATA command.
Sorry, that's not supported, and not semantically possible. You'd end
up rejecting the entire message, valid recipients and all, which even if
that's what you want is not a sound approach. In any case Postfix
smtpd(8) does not buffer up all the recipients in memory to run the
restriction for each in turn at the data stage.
> user (virtual_mailbox_maps) on the same valid domain
> (virtual_mailbox_domains). Just to be clear, a valid user would be
> ad...@example.com, the alias created was al...@example.com ->
> f...@example.com. There is no valid user f...@example.com in
> virtual_mailbox_maps.
Also, Postfix recipient validation is "shallow", existing aliases to
non-existent users will be accepted.
> I assumed smtpd_data_restrictions=reject_unlisted_recipient would have
> caught this and rejected the mail before sending it to LMTP.
Nope, that's not how it works.
> Was it supposed to?
No.
> Or does reject_unlisted_recipient get disabled completely
> when smtpd_reject_unlisted_recipient=no?
You can then use "reject_unlisted_recipient" explicitly at
the appropriate stage in the recipient restrictions.
> Is it possible to have the behavior I am expecting?
Only with a policy server, that buffers up the recipients, and does
something at the data stage in response to a policy query.
--
Viktor.
