[Mimedefang] Postfix: How to run the milter BEFORE reject_unverified_recipient
Benoit Panizzon
benoit.panizzon at imp.ch
Tue Feb 20 07:35:24 EST 2018
Hi Wietse
> Not possible. The Milter protocol implements the 'change sender'
> feature AFTER the entire message is received. That is long
> after the MAIL FROM and RCPT TO commands.
Ok, so if you activate reject_unverified_recipient it's not possible to
tell postfix not to call this function for local recipients, which
would anyway be rejected.
I did some further digging and found a posting of another user having
the problem, that he used reject_unverified_recipient but wanted to be
able to queue mails for a specific domain that is relayed through his
server in case the destination server is down.
Yes, sounds similar to my problem. He used check_recipient_access with
a hash map listing all recipients he wanted to queue.
This information and a google query if I could replace a hash map with
a regexp map later I had a working solution for my SRS problem:
smtpd_recipient_restrictions =
reject_unknown_sender_domain
reject_unknown_recipient_domain
check_recipient_access regexp:/etc/postfix/noverify
reject_unverified_recipient
And in /etc/postfix/noverify
/^SRS\d{1}.*/ OK
Now I just have to check that I didn't open an unauthenticated relay
door.
Mit freundlichen Grüssen
-Benoît Panizzon-
--
I m p r o W a r e A G - Leiter Commerce Kunden
______________________________________________________
Zurlindenstrasse 29 Tel +41 61 826 93 00
CH-4133 Pratteln Fax +41 61 826 93 01
Schweiz Web http://www.imp.ch
______________________________________________________
More information about the MIMEDefang
mailing list