> On Jan 16, 2019, at 9:56 AM, Wietse Venema <wie...@porcupine.org> wrote:
>
>> reject_unverified_recipient is no option as remote sites don't like
>> probing/verify requests. After rechecking, i had a typo in my regex.
>
> reject_unverified RECIPIENT, not reject_unverified_SENDER
Specifically, because it would be used on the submission port or
only for clients in trusted networks, it would not be open to abuse
by random strangers. The same users allowed to send email to the
remote site, are the ones who would initially trigger a verification
probe occasionally as part of submitting an outbound message.
It is fairly safe, and should not raise any issue with remote
receiving systems. You can monitor your logs for signs of
misuse by trusted clients.
--
Viktor.
