From: Arpi (arpithot.banki.hu)
Date: Wed Nov 28 2007 - 14:23:49 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

We have a posfix mail server, which does content filtering (spam virus etc)
for all of our mail servers, as a relay. I've enabled address verify
(both sender and recipient) for all of our server domains. It's working fine.

Now I've added
virtual_alias_maps = hash:/etc/postfix/virtual, ldap:ldapforward, ldap:ldapvirtual
which does address translation for many of our domains where the
addresses are redirected to other addresses (users moved and have their
old mail forwarded, and some users moved to an ms exchange server).
The problem is, that I dont want to do address verification for these
foregin domains, where some of our addresses are forwarded/virtaal_aliased.
(there are some servers, where address verify doesnt work)

Is there any way, to tell postfix which domains NOT to verify
mail to? Adding it to check_recipient_access maps in
smtpd_recipient_restrictions doesnt work, as it's used by smtpd only,
and address verify ignores that when doing the address verify.
Or any way to force verify to verify only mails to listed domains,
and do this domain check _after_ resolving virtual_alias mappings ?

For example:
smtpd receives a connection, with recipient arpibmf.hu.
there is a such line in the check_recipient_access map:
bmf.hu reject_unverified_recipient
so it does address verify. it's ok.
but this address is mapped to an external address in virtual_alias_maps:
arpibmf.hu arpithot.banki.hu
so the verify process connects thot.banki.hu to verify this address.
but i dont want it to connect thot.banki.hu!

if the address is listed in virtual_alias_maps, then it's an existing
address (but at least an address i can assume it's a working one)
so no further checks needed!

i hope the problem is clear now.
any ideas?

A'rpi

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]