[Greylist-users] restrictions order
greg at intouch.ca
Tue Mar 8 13:03:47 PST 2005
Excellent, thank you. That did the trick nicely.
On Tue, 2005-03-08 at 08:48 +0100, Lars E. Pettersson wrote:
> On Mon, 2005-03-07 at 21:50, Greg Webster wrote:
> > immediately...there's no sense keeping the mail around for 300 seconds
> > if the user is unknown.
> The error messages in your message was the same in both cases "550
> <xxx at yyy.zzz>: Recipient address rejected: User unknown
> in virtual alias table" but judging from the statement above I imagine
> that the first should have shown greylisting in action.
> If this is the case, do the following change:
> > smtpd_recipient_restrictions =
> > permit_mynetworks,
> > permit_sasl_authenticated,
> > check_sender_access,
> > hash:/etc/postfix/sender_access,
> > reject_unauth_destination,
> Add reject_unlisted_recipient here
> > check_policy_service inet:127.0.0.1:60000,
> > reject_rbl_client sbl-xbl.spamhaus.org,
> > check_relay_domains
> >From http://www.postfix.org/postconf.5.html
> "reject_unlisted_recipient (Postfix 2.0 name: check_recipient_maps)
> Reject the request when the RCPT TO address is not listed in the
> list of valid recipients for its domain class. See the
> smtpd_reject_unlisted_recipient parameter description for details. This
> feature is available in Postfix 2.1 and later."
> If I were you I would also move check_sender_access after
> reject_unauth_destination and reject_unlisted_recipient, just to be on
> the safe side.
Greg Webster - System Administrator
intouch.ca gastips.com epredictor.net
More information about the Greylist-users