[Greylist-users] restrictions order

Tue Mar 8 13:03:47 PST 2005

Excellent, thank you. That did the trick nicely.

Greg

On Tue, 2005-03-08 at 08:48 +0100, Lars E. Pettersson wrote:
> On Mon, 2005-03-07 at 21:50, Greg Webster wrote:
> > immediately...there's no sense keeping the mail around for 300 seconds
> > if the user is unknown.
> 
> The error messages in your message was the same in both cases "550
> <xxx at yyy.zzz>: Recipient address rejected: User unknown
> in virtual alias table" but judging from the statement above I imagine
> that the first should have shown greylisting in action.
> 
> If this is the case, do the following change:
> 
> > smtpd_recipient_restrictions =
> >         permit_mynetworks,
> >         permit_sasl_authenticated,
> >         check_sender_access,
> >         hash:/etc/postfix/sender_access,
> >         reject_unauth_destination,
> 
> Add reject_unlisted_recipient here
> 
> >         check_policy_service inet:127.0.0.1:60000,
> >         reject_rbl_client sbl-xbl.spamhaus.org,
> >         check_relay_domains
> 
> >From http://www.postfix.org/postconf.5.html
> 
> "reject_unlisted_recipient (Postfix 2.0 name: check_recipient_maps)
>     Reject the request when the RCPT TO address is not listed in the   
> list of valid recipients for its domain class. See the
> smtpd_reject_unlisted_recipient parameter description for details. This
> feature is available in Postfix 2.1 and later."
> 
> If I were you I would also move check_sender_access after
> reject_unauth_destination and reject_unlisted_recipient, just to be on
> the safe side.

-- 
Greg Webster  -  System Administrator
-------------------------------------
intouch.ca gastips.com epredictor.net