On Fri, Aug 25, 2023 at 08:07:01PM -0600, Pete Holzmann via Postfix-users wrote:

> SUMMARY
> 
> * Scenario/repeatability: 
>    - See www.postfix.org/ADDRESS_VERIFICATION_README.html#caching
>    - Since Postfix 2.7, there's a persistent verification database.

Actually, there isn't, or, more precisely, it isn't actually used by
default.  You have to choose to enable recipient verification, and if
you do, you have read the fine documentation on address verification,
including the documentation on the cache TTLs in:

    http://www.postfix.org/verify.8.html

which is referenced from, e.g.

    http://www.postfix.org/ADDRESS_VERIFICATION_README.html#dirty_secret

and various other sections.

>    - By default, all failed probes (even of local/aliases) expire after 
>    three days.

As documented, but there should also be a background refresh every 3
hours, so that the second try, 3h after correcting the problem, will
succeed:

    address_verify_negative_expire_time = 3d
    address_verify_negative_refresh_time = 3h
    address_verify_positive_expire_time = 31d
    address_verify_positive_refresh_time = 7d

>    - Workaround: postfix stop; rm $data_directory/verify_cache.db; 
>    postfix start

Tune the settings to your needs.  There's no need to remove the
database.  That also wipes your positive cache results.

>    - This is a very non-intuitive implementation, and very difficult for 
>    an average admin to diagnose: no information points to the 
>    verification cache.

Only if you haven't read the documentation.

>    - Having examined the (verify.c) code, I realize a 'nice' solution 
>    (clear cache of local address entries after newaliases) isn't that 
>    simple. Someone with more experience can likely design a proper fix.

Reading the code is not necessary.  Just the documentation is
sufficient.

> * Suggestions
>    - At the very least, this needs to be highlighted in documentation 
>    for newaliases etc

No, newaliases has nothing to do with this.  This is entirely material
for ADDRESS_VERIFICATION_README and verify(8), but perhaps the timer
parameters could also be mentioned prominently in the README file.

-- 
    Viktor.
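
The expire and refresh timers discussed in this reply, as an added example that is not part of the original message and is not Postfix's own code: a simplified Python model that replays a failed probe, a fix, and the later refresh. It assumes the timers are measured from the last stored probe result and that a refresh probe's result only becomes visible to the next query; the class, the address and the timeline are constructed for illustration.

```python
from dataclasses import dataclass

H, D = 3600, 86400
# Default timers quoted in the message above, converted to seconds.
NEG_EXPIRE, NEG_REFRESH = 3 * D, 3 * H
POS_EXPIRE, POS_REFRESH = 31 * D, 7 * D


@dataclass
class Entry:
    ok: bool       # result of the last completed probe
    updated: int   # time at which that result was stored


class VerifyCacheModel:
    """Simplified model of the cache timers (assumption, not verify(8) source)."""

    def __init__(self, deliverable):
        self.deliverable = deliverable  # callable(addr) -> bool, stands in for a probe
        self.cache = {}

    def query(self, addr, now):
        """Return (answer, probe_sent) for a lookup at time `now` (seconds)."""
        e = self.cache.get(addr)
        if e is not None and now - e.updated > (POS_EXPIRE if e.ok else NEG_EXPIRE):
            e = None                    # an expired entry counts as absent
        if e is None:
            answer, probe = "in progress", True
        else:
            answer = "ok" if e.ok else "reject"
            probe = now - e.updated > (POS_REFRESH if e.ok else NEG_REFRESH)
        if probe:                       # background probe; result serves the NEXT query
            self.cache[addr] = Entry(self.deliverable(addr), now)
        return answer, probe


def replay():
    """Constructed timeline: address undeliverable at t=0, fixed at t=1h."""
    state = {"exists": False}
    m = VerifyCacheModel(lambda addr: state["exists"])
    addr = "new@example.com"            # constructed sample address
    log = [m.query(addr, 0)]            # nothing cached: probe sent, fails
    log.append(m.query(addr, 60))       # negative result served from cache
    state["exists"] = True              # admin corrects the problem
    log.append(m.query(addr, 2 * H))    # inside refresh time: still rejected
    log.append(m.query(addr, 4 * H))    # past 3h: rejected, refresh probe sent
    log.append(m.query(addr, 4 * H + 60))  # refreshed positive result
    return log
```

Lowering `NEG_REFRESH` in the model shortens the window in which a corrected address is still rejected, without discarding positive entries the way deleting the database does.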