On Tue, Jan 31, 2023 at 11:30:59PM -0500, post...@ptld.com wrote: > I am looking to understand if I misinterpreted the documentation or if this > is an issue with postfix. > > main.cf > smtpd_reject_unlisted_recipient = no > smtpd_data_restrictions = reject_unlisted_recipient
This won't work for multi-recipient messages. > My intention is to prevent postfix from rejecting invalid recipients > at the RCPT command and only reject them at the DATA command. Sorry, that's not supported, and not semantically possible. You'd end up rejecting the entire message, valid recipients and all, which even if that's what you want is not a sound approach. In any case Postfix smtpd(8) does not buffer up all the recipients in memory to run the restriction for each in turn at the data stage. > user (virtual_mailbox_maps) on the same valid domain > (virtual_mailbox_domains). Just to be clear, a valid user would be > ad...@example.com, the alias created was al...@example.com -> > f...@example.com. There is no valid user f...@example.com in > virtual_mailbox_maps. Also, Postfix recipient validation is "shallow", existing aliases to non-existent users will be accepted. > I assumed smtpd_data_restrictions=reject_unlisted_recipient would have > caught this and rejected the mail before sending it to LMTP. Nope, that's not how it works. > Was it supposed to? No. > Or does reject_unlisted_recipient get disabled completely > when smtpd_reject_unlisted_recipient=no? You can then use "reject_unlisted_recipient" explicitly at the appropriate stage in the recipient restrictions. > Is it possible to have the behavior I am expecting? Only with a policy server, that buffers up the recipients, and does something at the data stage in response to a policy query. -- Viktor.