 |
| Prev-20 | Home | Next-20 |
| Prev-20 | Home | Next-20 |
| Prev-Msg | Prev-Thread | Postfix-users | Jan-2008 | Next-Thread | Next-Msg |
| Subject: | Re: virtual_mailbox_base & LDAP |
| Group: | Postfix-users |
| From: | mouss |
| Date: | 15 Jan 2008 |
> On Mon, Jan 14, 2008 at 10:10:21PM +0100, mouss wrote:
>
>>> The official recipe is
>>>
>>> http://www.postfix.org/STANDARD_CONFIGURATION_README.html#firewall
>>>
>>> and it is OK to leave local_recipient_maps empty given that local
>>> recipients are by default rejected.
>>>
>> true for recipients, but not for senders. so reject_unlisted_sender will
>> not reject foo] if foo is found in $local_recipient_maps.
>> using an empty map will enforce this.
>
> The way I read the code, addresses routed to "error:" are rejected in both
> sender and recipient roles unless remapped via virtual(5) or canonical(5).
>
> Do you have a counter-example?
I may have overlooked something. I've had a test more a year ago where I
needed to add the empty map, but now that you say it, I am not as sure
as I was.
>
> Taken from src/smtpd/smtpd_check.c:check_rcpt_maps()
>
> /*
> * At this point, anything that resolves to the error mailer is known to
> * be undeliverable.
> *
> * XXX Until the address resolver does final address resolution, known and
> * unknown recipients in virtual alias domains will both resolve to
> * "error:user unknown".
> */
> if (strcmp(STR(reply->transport), MAIL_SERVICE_ERROR) == 0) {
> dsn_split(&dp, strcmp(reply_class, SMTPD_NAME_SENDER) == 0 ?
> "5.1.0" : "5.1.1", STR(reply->nexthop));
> return (smtpd_check_reject(state, MAIL_ERROR_BOUNCE,
> (reply->flags & RESOLVE_CLASS_ALIAS) ?
> var_virt_alias_code : 550,
> smtpd_dsn_fix(DSN_STATUS(dp.dsn),
> reply_class),
> "<%s>: %s rejected: %s",
> recipient, reply_class,
> dp.text));
> }
>
> The above code is for senders and recipients.
>
| Prev-Msg | Prev-Thread | Postfix-users | Jan-2008 | Next-Thread | Next-Msg |