[Greylist-users] restrictions order

Lars E. Pettersson lars at homer.se
Mon Mar 7 23:48:51 PST 2005

On Mon, 2005-03-07 at 21:50, Greg Webster wrote:
> immediately...there's no sense keeping the mail around for 300 seconds
> if the user is unknown.

The error messages in your message was the same in both cases "550
<xxx at yyy.zzz>: Recipient address rejected: User unknown
in virtual alias table" but judging from the statement above I imagine
that the first should have shown greylisting in action.

If this is the case, do the following change:

> smtpd_recipient_restrictions =
>         permit_mynetworks,
>         permit_sasl_authenticated,
>         check_sender_access,
>         hash:/etc/postfix/sender_access,
>         reject_unauth_destination,

Add reject_unlisted_recipient here

>         check_policy_service inet:,
>         reject_rbl_client sbl-xbl.spamhaus.org,
>         check_relay_domains

>From http://www.postfix.org/postconf.5.html

"reject_unlisted_recipient (Postfix 2.0 name: check_recipient_maps)
    Reject the request when the RCPT TO address is not listed in the   
list of valid recipients for its domain class. See the
smtpd_reject_unlisted_recipient parameter description for details. This
feature is available in Postfix 2.1 and later."

If I were you I would also move check_sender_access after
reject_unauth_destination and reject_unlisted_recipient, just to be on
the safe side.

Lars E. Pettersson <lars at homer.se>

More information about the Greylist-users mailing list