Re: Strange problem with rejecting unknown users with postfix

From: Ali Nebi (anebiiguanait.com)
Date: Sat Nov 03 2007 - 05:38:29 CDT


----- Original Message -----
From: "Justin McAleer" <pflistfehuq.com>
To: <anebiiguanait.com>
Cc: <postfix-userspostfix.org>
Sent: Friday, November 02, 2007 4:51 PM
Subject: Re: Strange problem with rejecting unknown users with postfix

> Ali Nebi wrote:
> > Hi,
> >
> > I need help with a strange problem that we have on a server.
> >
> >
> > When someone sends mail to a user in our system, if it is a real user,
> > SMTP accepts the message (this is OK), but if the user is not real, if it
> > doesn't exist, then for some users it rejects the mail, for others it
> > accepts it. This is strange, and we have many emails like this that SMTP
> > should reject, but it accepts them.
> >
> >
> > smtpd_recipient_restrictions = permit_mynetworks,
> > permit_sasl_authenticated, check_recipient_access
> > hash:/etc/postfix/access, reject_unauth_destination,
> > reject_unknown_recipient_domain, reject_non_fqdn_recipient,
> > reject_unauth_pipelining, permit
> >
> >
> You often end your restriction sections with permit; are you sure that's
> proper for all other cases? In this particular case, unless a recipient
> address is explicitly rejected by the check_recipient_access,
> reject_unauth_destination, reject_unknown_recipient_domain, or
> reject_non_fqdn_recipient checks, you're telling the server to accept
> it. Since I doubt you have every conceivable invalid email address
> listed in your access map, that's why they are being accepted. You can
> probably simply remove the permit, but if you want to keep it for
> whatever reason, add reject_unlisted_recipient before it.
>

Yes, probably this is the reason. I tested sender rules yesterday and with
permit, the SMTP server accepts all mail, no matter whether the sender exists
or not. When I commented out the line for permit, nonexistent senders were
rejected. I think this is the same for recipients too. Thanks for the
direction and help. :)
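
Added example, not part of the original thread and not Postfix code: a simplified Python model of the first-match evaluation Justin describes, run over the restriction list from the post with and without `reject_unlisted_recipient` before `permit`. The networks, domains, recipients and access-map entry are constructed, and only the explicitly listed restrictions are modelled, not any Postfix setting outside that list.

```python
# Simplified model of first-match restriction evaluation (added example).
# All data is constructed; DNS and protocol-state checks are not modelled.
MYNETWORKS = {"127.0.0.1"}
OUR_DOMAINS = {"example.com"}
VALID_RECIPIENTS = {"alice@example.com"}
ACCESS_MAP = {"blocked@example.com": "REJECT"}  # stands in for hash:/etc/postfix/access

def _domain(rcpt):
    return rcpt.rpartition("@")[2]

def _unlisted(s):
    local = _domain(s["rcpt"]) in OUR_DOMAINS
    return "REJECT" if local and s["rcpt"] not in VALID_RECIPIENTS else "DUNNO"

# Each restriction returns OK, REJECT, or DUNNO (no opinion, keep evaluating).
RESTRICTIONS = {
    "permit_mynetworks": lambda s: "OK" if s["client"] in MYNETWORKS else "DUNNO",
    "permit_sasl_authenticated": lambda s: "OK" if s["sasl"] else "DUNNO",
    "check_recipient_access": lambda s: ACCESS_MAP.get(s["rcpt"], "DUNNO"),
    "reject_unauth_destination":
        lambda s: "DUNNO" if _domain(s["rcpt"]) in OUR_DOMAINS else "REJECT",
    "reject_unknown_recipient_domain": lambda s: "DUNNO",  # needs DNS, not modelled
    "reject_non_fqdn_recipient":
        lambda s: "DUNNO" if "." in _domain(s["rcpt"]) else "REJECT",
    "reject_unauth_pipelining": lambda s: "DUNNO",  # protocol state, not modelled
    "reject_unlisted_recipient": _unlisted,
    "permit": lambda s: "OK",
}

def evaluate(restrictions, session):
    """Return (decision, deciding_restriction); the first non-DUNNO result wins."""
    for name in restrictions:
        result = RESTRICTIONS[name](session)
        if result != "DUNNO":
            return result, name
    return "OK", "(end of list)"

# The list from the original post, and the variant suggested in the reply.
ORIGINAL = ["permit_mynetworks", "permit_sasl_authenticated",
            "check_recipient_access", "reject_unauth_destination",
            "reject_unknown_recipient_domain", "reject_non_fqdn_recipient",
            "reject_unauth_pipelining", "permit"]
FIXED = ORIGINAL[:-1] + ["reject_unlisted_recipient", "permit"]

if __name__ == "__main__":
    outside = {"client": "203.0.113.5", "sasl": False}
    for rcpt in ("alice@example.com", "nosuchuser@example.com"):
        s = dict(outside, rcpt=rcpt)
        print(rcpt, "original:", evaluate(ORIGINAL, s), "fixed:", evaluate(FIXED, s))
```

The deciding restriction in the output shows which rule produced each verdict, which is the quickest way to see why an address was let through.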