NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Postfix Discussion> 2008-08

Re: recipient restriction on known address?

From: Noel Jones (njonesmegan.vbhcs.org)
Date: Wed Aug 27 2008 - 20:01:58 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

carconni wrote:
> Okay - I've tried this but it isn't working. Emails are still being
> delivered (and rejected) despite being added to the blacklist. I really
> need postfix to check a file for bad email addresses before attempting
> to deliver an email - can Postfix do that?
>
> For instance my recipient_blacklist shows:
>
> bad_addressverizon.net reject
>
> in my main.cf file:
>
> smtpd_recipient_restrictions = check_sender_access
> hash:/etc/postfix/sender_access,check_recipient_accesshash:/etc/postfix/recipient_blacklist,
> hash:/etc/postfix/permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination,permit
>
>
> but my mail log shows:
> Aug 27 15:32:01 ourmailserver postfix/smtp[13606]: DB60B128A19E9:
> to=<bad_addressverizon.net>, relay=relay.verizon.net[206.46.232.11],
> delay=1, status=bounced (host relay.verizon.net[206.46.232.11] said: 550
> 4.2.1 mailbox temporarily disabled: bad_addressverizon.net (in reply to
> RCPT TO command))
>

[please don't top post]

OK, your log shows the bad address leaving postfix. How did
it get in?

Your main.cf snipping looks odd, but could just be a cut+paste
artifact. Did you verify your settings by examining "postconf
-n" output? Typos can be hard to spot eyeballing main.cf entries.

Note that smtpd_* restrictions are only effective on mail
submitted via SMTP and logged by the postfix "smtpd" daemon.
Messages submitted locally via the command line are not
affected; these are logged by the postfix "pickup" daemon.

If the mail enters via SMTP, stop here and find out why your
table didn't work.

If the mail entered via the postfix "pickup" daemon, it's
possible to tell postfix to discard these messages instead of
delivering them (assuming sufficiently recent postfix) by
adding a transport_maps entry for the bad user.

# main.cf
transport_maps = hash:/etc/postfix/transport

# transport
bad_addressverizon.net discard:unauthorized recipient

But it's always better to stop the garbage from coming into
postfix in the first place rather than trying to stop it from
going out. So if the mail entered via "pickup", the better
approach is to find whatever is submitting it and fix it there.

--
Noel Jones

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]