Thanks for the replies, a few comments below from a few replies:
On Mon, Jul 22, 2024 at 8:45 AM Matus UHLAR - fantomas via Postfix-users <postfix-users@postfix.org> wrote: > > "smtpd_reject_unlisted_recipient=no" is why recipient is not rejected on port > 587. Can this be added to port 25 somehow? > What is the destination domain provided by sending IP and is it listed in > mydestination? It is not in mydestination, it is in /etc/postfix/access in CIDR format - "1.2.3.4 OK". That is in turn referred to via check_client_access in smtpd_recipient_restrictions (same as prev server). If removed from here, I get "Relay access denied" as expected - instead of "Recipient address rejected" which I'm currently getting. smtpd_recipient_restrictions = check_client_access cidr:/etc/postfix/access, permit_sasl_authenticated, reject_unauth_destination On Mon, Jul 22, 2024 at 9:14 AM Wietse Venema via Postfix-users <postfix-users@postfix.org> wrote: > > The proper workaround is to list relay destinations in main.cf:relay_domains, > and to list valid relay recipients in main.cf:relay_recipient_maps. We cannot do a list of domains to relay, as we're an ISP and we're allowing mail relay to downstream customers (schools, k12s, colleges, etc). We're simply whitelisting their source IP's to permit relay if they have issues from their own public IP space and whatnot. I wouldn't think I'd want to whitelist a recipient domain with all wildcards or something silly (*@*.*) as we hadn't had to do this behaviour before. Cheers, Chris _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
