> On 23 May 2018, at 13:41, Viktor Dukhovni <postfix-us...@dukhovni.org> wrote: > > > >> On May 23, 2018, at 4:10 PM, Doug Hardie <bc...@lafn.org> wrote: >> >> incoming_smtpd_restrictions = >> check_policy_service inet:127.0.0.1:10040, >> reject_invalid_hostname, >> reject_non_fqdn_sender, >> reject_non_fqdn_recipient, >> reject_unknown_sender_domain, >> reject_unknown_recipient_domain, >> reject_unauth_pipelining, >> permit_mynetworks, >> check_recipient_access hash:/usr/local/etc/postfix/tempfail, >> reject_unauth_destination, >> reject_unverified_recipient >> permit > > It is far from clear why you'd want "reject_unverified_recipient" > here. Do you have sort of wildcard aliasing or other reason to > expect your recipient validation tables to accept ultimately > invalid recipients?
Reading the Prefix Address Verification Howto madeit seem like it would be useful. I think I see now how it works. I don't expect the recipient validation tables to have invalid recipients so I have removed that. -- Doug
