On Wed, 21 Jan 2026 03:17:25 -0800, Matus UHLAR - fantomas via Postfix-users
wrote:
> If you forward recipients of bogus.com to well-known smtp server, and
> that server is able to reject non-existing users, you can use
> reject_unverified_recipient
> as described in
> http://www.postfix.org/ADDRESS_VERIFICATION_README.html
so i was still getting crud. the smtp server does indeed respond with a
550
mail1.rg.net:/home/randy> telnet foo.com 25
Trying 2001:418:88::17...
Connected to foo.com.
Escape character is '^]'.
220 foo.com ESMTP Exim 4.98.2 Mon, 26 Jan 2026 16:13:09 +0000
EHLO mail1.rg.net
250-foo.com Hello mail1.rg.net [2001:418:12::40]
250-SIZE 209715200
250-LIMITS MAILMAX=6 RCPTMAX=50000
250-8BITMIME
250-PIPELINING
250-PIPECONNECT
250-STARTTLS
250 HELP
MAIL FROM: [email protected]
250 OK
RCPT TO: [email protected]
550 unknown user
quit
221 foo.com closing connection
Connection closed by foreign host.
and my main.cf used to say
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
permit_auth_destination,
# reject_unauth_destination is not needed here if the mail
# relay policy is specified under smtpd_relay_restrictions
# (available with Postfix 2.10 and later).
reject_unauth_destination,
reject_unknown_recipient_domain,
reject_unverified_recipient
yet mail to [email protected] was getting through to rspamd
i think it was the ordering!! the following seems to work
smtpd_recipient_restrictions =
reject_unauth_destination,
reject_unknown_recipient_domain,
reject_unverified_recipient,
permit_mynetworks,
permit_auth_destination
though i bet/hope someone more clueful could suggest improvement
otoh, perhaps the example in section Recipient address verification in
http://www.postfix.org/ADDRESS_VERIFICATION_README.html could be ordered
a bit differently?
randy
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
