> On Jan 16, 2019, at 9:56 AM, Wietse Venema <wie...@porcupine.org> wrote: > >> reject_unverified_recipient is no option as remote sites don't like >> probing/verify requests. After rechecking, i had a typo in my regex. > > reject_unverified RECIPIENT, not reject_unverified_SENDER
Specifically, because it would be used on the submission port or only for clients in trusted networks, it would not be open to abuse by random strangers. The same users allowed to send email to the remote site, are the ones who would initially trigger a verification probe occasionally as part of submitting an outbound message. It is fairly safe, and should not raise any issue with remote receiving systems. You can monitor your logs for signs of misuse by trusted clients. -- Viktor.