In an older episode, on 2014-03-10 21:32, Blake wrote:
In short I have several systems sending emails to invalid addresses
which are bounced by Google. I would like to reject the messages at the
postfix system using an access list.
I thought this configuration would work but it is not having the desired
effect.
smtpd_relay_restrictions = permit_mynetworks, check_recipient_access
hash:/etc/postfix/blacklist_recipient, reject_unverified_recipient, reject
If the systems in question are in $mynetworks, that would allow them to
send all mails before /etc/postfix/blacklist_recipient is checked.
In that case, you should put
check_recipient_access hash:/etc/postfix/blacklist_recipient
_before_
permit_mynetworks
IMHO.
I have also tried without any success.
smtpd_recipient_restrictions = check_recipient_access
hash:/etc/postfix/blacklist_recipient
http://www.postfix.org/postconf.5.html#smtpd_recipient_restrictions
http://www.postfix.org/postconf.5.html#smtpd_relay_restrictions says:
"Access restrictions for mail relay control that the Postfix SMTP server
applies in the context of the RCPT TO command, before
smtpd_recipient_restrictions."
If I am not mistaken, that means that
permit_mynetworks (from your smtpd_relay_restrictions) would match
before your smtpd_recipient_restrictions would be considered.
Hope this helps,
wolfgang