From: Noel Jones (no email)
Date: Mon Feb 23 2009 - 12:36:21 EST
Santiago Romero wrote:
>
>> Postfix calls domains that it accepts mail for but delivers elsewhere
>> (such as MX backups) relay_domains. You can use a plain text file or
>> any supported postfix map type.
>>
>> The list if valid recipients in those domains is specified in
>> relay_recipient_maps. Specify one or more map files listing the valid
>> recipients; all other recipients are rejected.
>> http://www.postfix.org/postconf.5.html#relay_recipient_maps
>
> My question is : Can I have domains in relay_domains for which I check
> relay_recipient_maps and domains for which I don't check it?
>
> Example:
>
> domain1.com -> My main domain, I know accounts in the primary MX
> customer.com -> I work as MX backup for it, I don't know their accounts
>
> relay_domains = domain1.com, customer.com
> relay_recipient_maps = hash:/etc/postfix/valid_relay_accounts
>
> If I define N (let's say 100) accounts for @domain1.com in
> valid_relay_accounts and 0 accounts for @customer.com, what would
> postfix do with with @customer.com emails? Would postfix reject or
> accept it (no accounts defined in relay_recipient_maps por it).
>
> My problem is that I have knowledge of accounts of SOME of the domains I
> act as MXBackup for... and I want to "check rcpt to" only for those
> domains, while accepting any RCPT TO for the others.
>
> Thanks.
>
The link above says in part, "Specify @domain as a wild-card
for domains that have no valid recipient list, and become a
source of backscatter mail".
So a backscatter inducing wildcard entry would look like:
@example.com anything
You can use a check_recipient_access map that returns
reject_unverified_recipient for the domains that don't provide
a list to mitigate the problem.
http://www.postfix.org/ADDRESS_VERIFICATION_README.html#recipient
-- Noel Jones
|
|
|