Re: Accepting messages only for valid users in a secondary MX server

From: Noel Jones (no email)
Date: Mon Feb 23 2009 - 12:36:21 EST

  • Next message: Noel Jones: "Re: smtpd_recipient_restrictions is not working on postfix 2.3"

    Santiago Romero wrote:
    >
    >> Postfix calls domains that it accepts mail for but delivers elsewhere
    >> (such as MX backups) relay_domains. You can use a plain text file or
    >> any supported postfix map type.
    >>
    >> The list if valid recipients in those domains is specified in
    >> relay_recipient_maps. Specify one or more map files listing the valid
    >> recipients; all other recipients are rejected.
    >> http://www.postfix.org/postconf.5.html#relay_recipient_maps
    >
    > My question is : Can I have domains in relay_domains for which I check
    > relay_recipient_maps and domains for which I don't check it?
    >
    > Example:
    >
    > domain1.com -> My main domain, I know accounts in the primary MX
    > customer.com -> I work as MX backup for it, I don't know their accounts
    >
    > relay_domains = domain1.com, customer.com
    > relay_recipient_maps = hash:/etc/postfix/valid_relay_accounts
    >
    > If I define N (let's say 100) accounts for @domain1.com in
    > valid_relay_accounts and 0 accounts for @customer.com, what would
    > postfix do with with @customer.com emails? Would postfix reject or
    > accept it (no accounts defined in relay_recipient_maps por it).
    >
    > My problem is that I have knowledge of accounts of SOME of the domains I
    > act as MXBackup for... and I want to "check rcpt to" only for those
    > domains, while accepting any RCPT TO for the others.
    >
    > Thanks.
    >

    The link above says in part, "Specify @domain as a wild-card
    for domains that have no valid recipient list, and become a
    source of backscatter mail".
    So a backscatter inducing wildcard entry would look like:
    @example.com anything

    You can use a check_recipient_access map that returns
    reject_unverified_recipient for the domains that don't provide
    a list to mitigate the problem.
    http://www.postfix.org/ADDRESS_VERIFICATION_README.html#recipient

       -- Noel Jones


  • Next message: Noel Jones: "Re: smtpd_recipient_restrictions is not working on postfix 2.3"





    Hosted Email Solutions

    Invaluement Anti-Spam DNSBLs



    Powered By FreeBSD   Powered By FreeBSD