Joachim Schrod wrote:
Hi,
This question concerns Postfix; version 2.2.5, on SUSE 10.0, if that matters.
On a mail relay gateway (our backup mail server) the valid users of the relayed domains are not known. I.e., infrastructure and processes are not (yet) in place to use relay_recipient_maps.
If the backend servers for these domains have a static ip address and are able to reject mails during the smtp dialogue, you can use reject_unverified_recipient. That sends a probe mail to the destination server for the domain to check if that server accepts the recipient address. If it does, your relay can accept the mail, otherwise it should reject the mail. Better cache the results of the verify in a database. address_verify_map = btree:/var/spool/postfix/verifydb Use this selectively only for domains that fulfill the requirements I mentioned above: check_recipient_access hash:/etc/postfix/relaydomain_verify /etc/postfix/relaydomain_verify: relaydomain.example.com reject_unverified_recipient That will help a lot to keep out undeliverable mails.
When that mail gateway delivers email to our main mail server, bounce messages are created for unknown users. Bounce messages to valid senders are usually delivered immediately or at the second try (when greylisting is used). But bounce messages that are caused by spam emails remain in our queue and are tried to deliver again and again for several days.
Is it possible to configure postfix in such a way that emails from MAILER-DAEMON to arbitrary addresses are only tried to deliver twice, and are discarded afterwards?
Indiscriminately discarding mails is not a good idea! I had more than one domain in the last two weeks that was unable to receive mails, sometimes for more than a day! You can weed out the crap a bit by setting bounce_queue_lifetime a bit lower. I still would advise not to set this parameter lower than 1 day. Better fight the root of the problem as I mentioned above. Fast to implement and a LOT safer! I would also suggest you set up 2bounce_notice_recipient, so mails are not lost in case of a stupid little typo.
I don't want to turn off the sending of "unknown user" bounces; after all, one of our customers could have had a typo and should be notified.
EXACTLY!
OTOH, it would be nice if one could stop spurious bounce messages.
There are ways. The best solution depends on your individual situation. A good spam recognition will help as well. Robert Felber for example wrote policyd-weight to keep the number of invalid recipients as low as possible simply by weeding out most of the spam with his policy daemon. -- Sandy List replies only please! Please address PMs to: news-reply2 (@) japantest (.) homelinux (.) com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org