Re: recipient restriction on known address?

Wed, 27 Aug 2008 18:02:38 -0700 

carconni wrote:
Okay - I've tried this but it isn't working. Emails are still being delivered (and rejected) despite being added to the blacklist. I really need postfix to check a file for bad email addresses before attempting to deliver an email - can Postfix do that? 

For instance my recipient_blacklist shows:

[EMAIL PROTECTED] reject

in my main.cf file:


smtpd_recipient_restrictions = check_sender_access 
hash:/etc/postfix/sender_access,check_recipient_accesshash:/etc/postfix/recipient_blacklist, 
hash:/etc/postfix/permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination,permit 



but my mail log shows:

Aug 27 15:32:01 ourmailserver postfix/smtp[13606]: DB60B128A19E9: 
to=<[EMAIL PROTECTED]>, relay=relay.verizon.net[206.46.232.11], 
delay=1, status=bounced (host relay.verizon.net[206.46.232.11] said: 550 
4.2.1 mailbox temporarily disabled: [EMAIL PROTECTED] (in reply to 
RCPT TO command))




[please don't top post]


OK, your log shows the bad address leaving postfix.  How did 
it get in?



Your main.cf snipping looks odd, but could just be a cut+paste 
artifact.  Did you verify your settings by examining "postconf 
-n" output?  Typos can be hard to spot eyeballing main.cf entries.



Note that smtpd_* restrictions are only effective on mail 
submitted via SMTP and logged by the postfix "smtpd" daemon. 
Messages submitted locally via the command line are not 
affected; these are logged by the postfix "pickup" daemon.



If the mail enters via SMTP, stop here and find out why your 
table didn't work.




If the mail entered via the postfix "pickup" daemon, it's 
possible to tell postfix to discard these messages instead of 
delivering them (assuming sufficiently recent postfix) by 
adding a transport_maps entry for the bad user.


# main.cf
transport_maps = hash:/etc/postfix/transport

# transport
[EMAIL PROTECTED]   discard:unauthorized recipient


But it's always better to stop the garbage from coming into 
postfix in the first place rather than trying to stop it from 
going out.  So if the mail entered via "pickup", the better 
approach is to find whatever is submitting it and fix it there.


--
Noel Jones






















					Reply via email to