Hello all,
I have a dedicated postfix machine that I use as a smarthost for all my outgoing email from my internal servers. The smarthost even has only ports 465 and 587 enabled/opened. Recently we had the case that an internal used composer an email to an external recipient and had a typo in the domain. The internal server currently does no checks but forwards all email for external recipients to the smarthost. The smarthost then replied to the internal mailserver with Out: 450 4.1.2 <user@domain_with_typo.de>: Recipient address rejected: Domain not found Since this was a 4xx tempfail reply, the internal mailserver tried to send the email over and over and only after 4 hours the internal mailserver send a "mail delivery delayed" email to the original sender. They then could compose the email again with the correct recipient address, but since they have no ssh root access to the server they could not remove the email with typo from the internal server's queue and thus they got even more "mail delivery delayed" notifications periodically until the message expired from the queue. There is two things that bother me: - it took 4h for the sender to get a notification that the domain was not found - after they "corrected" it by sending a second email with the correct address, they still got mail delivery delayed notification which leads to confusion if they miss the fact that the mail with the type was delayed, and instead think their new mail is delayed again because something is wrong Is the "unknown_address_reject_code" only used when dns returns nxdomain and can thus be changed to a permanent fail on this server in particular or would problems like timeout for DNS requests also lead to unknown_address_reject and therefor lead to legitimate emails being rejected due to network problems? From my understanding, the latter would be a case of unknown_address_tempfail_action and thus a defer_if_permit since I have not changed this setting. so tldr: can I change unknown_address_reject_code to a perm fail on a server thats only purpose is to send outgoing mails, without any unwanted effects resulting from this change? (that means the behaviour of postfix on this machine would exactly be the same with or without the change with the only difference that emails with typos would be rejected with a permfail) Thanks! Cheers, Simon
signature.asc
Description: PGP signature
_______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org