Login or Register to Ask a Question and Join Our Community


UNIX for Dummies Questions & Answers

Configure Recipient Restrictions in Postfix

 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers Configure Recipient Restrictions in Postfix
# 1  
Old 03-09-2010
Configure Recipient Restrictions in Postfix
Hi all

We need to block our users sending emails to specific email addresses. At the moment, recipient restrictions is not enabled in our Postfix relay server so all messages submitted from our Exchange server are accepted and relayed.

See entries in our main.cf file:

Code:
 
### Recipient restrictions. 
#smtpd_recipient_restrictions =
#       check_recipient_access hash:/etc/postfix/denied_recipients
#       permit_mynetworks
#       check_recipient_testsend hash:/etc/postfix/testsend
#       reject_unauth_destination
#       reject_unknown_recipient_domain
#       reject_unverified_recipient

Which lines do I need to enable here, in what order, to tell Postfix that if it receives an email, first check if the recipient/s in are not in a blocked list, if not pass on.

Thanks!
 
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX and Linux Applications

Postfix: Active Directory and postfix alias

I have a mailserver with postfix i want to alias all mail for administrator@domain.fqdn to root@domain.fqdn I have the aliases configured,and i did newliases but doesn't work. How to did this?Postfix is configured for virtual domain on ad server. (2 Replies)
Discussion started by: Linusolaradm1
2 Replies

2. Linux

Configure Postfix to relay to Exchange Server with NTLM authentication

Hello I have a shell script, which should send email, if any error occurred. This script is running in Red Hat Linux 4.6, and want to configure postfix so it can relay to an Exchange Server. The Authorization method of Exchange server, I guess is: 250-AUTH NTLM. So I have: Server A ( Red... (1 Reply)
Discussion started by: viktor1985
1 Replies

3. Shell Programming and Scripting

Configure Cyrus SASL NTLM Plugin with Postfix

Hello I hope somebody can help with this. I have a shell, that in case of failure, sends an email (relaying through an Exchange Server). This Exchange server only offers NTLM authentication. 250-AUTH NTLM This is the configuration I have: Postfix 2.1.1 as client. Cyrus-SASL... (1 Reply)
Discussion started by: viktor1985
1 Replies

4. UNIX for Dummies Questions & Answers

Configure Cyrus SASL NTLM Plugin with Postfix

Hello I hope somebody can help with this. I have a shell, that in case of failure, sends an email (relaying through an Exchange Server). This Exchange server only offers NTLM authentication. 250-AUTH NTLM This is the configuration I have: Postfix 2.1.1 as client. Cyrus-SASL... (1 Reply)
Discussion started by: viktor1985
1 Replies

5. UNIX for Dummies Questions & Answers

Please help with Postfix config issue - How to allow remote Exchange server to relay to my postfix

Hi guys One of our clients have a problem with sending email to a certain domain. No matter what we try, the mails just dont get delivered. What I did then, is created a new connector on their Exchange server, pointing all mail sent to their client at "domain1" to relay to our Postfix mail... (0 Replies)
Discussion started by: wbdevilliers
0 Replies

6. Shell Programming and Scripting

Mailx Recipient and Name Script

Hi To All, I have a file with email addresses, most of which have names associated with them, it looks like this: http://img230.imageshack.us/img230/8255/94731317.th.jpg I am trying to come up with a script to use mailx (or anything else really) to send an email to... (4 Replies)
Discussion started by: slicker
4 Replies

7. IP Networking

postfix - reinject mail to postfix from hold queue directory

hi all. Am using smtpd_recipient_restrictions & check_recipient_access in postfix. The hash file looks like this: emailaddress1 HOLD emailaddress2 HOLD The aim is to place email from these recipients in the hold directory,check them then reinject them back in postfix on some... (0 Replies)
Discussion started by: coolatt
0 Replies

8. UNIX for Dummies Questions & Answers

mailx recipient restriction

maybe a simple question, but i've looked around and not been able to find anything. is there a restriction on how many recipients can be used in a single mailx command? whether it's a numeric restriction or a size restriction (like 256k for the whole recipient parameter). thanks a lot. (6 Replies)
Discussion started by: chris32680
6 Replies

9. UNIX for Dummies Questions & Answers

sendmail recipient issue

I can send external emails from one of my unix boxes but can no longer send internal emails, i have used mailx -v to see what's going on and it seems there is a problem with the RCPT TO part of the log It seems to add name@nsmail1.mydmn.gov.uk When it should be just name@mydmn.gov.uk The... (1 Reply)
Discussion started by: supadid
1 Replies

10. UNIX for Dummies Questions & Answers

Unknown recipient when using metasend

Hi, We use metasend to send e-mail from our app. This works fine with most kinds of mail, for example plain text, HTML with images and mail with attachments. But we still have one problem: If the to-address is misspelled, then still everything seems to be fine. We don't get any message back... (4 Replies)
Discussion started by: sjohnsen
4 Replies
Login or Register to Ask a Question

LEARN ABOUT OSX

verify

VERIFY(8)						      System Manager's Manual							 VERIFY(8)

NAME

       verify - Postfix address verification server

SYNOPSIS

       verify [generic Postfix daemon options]

DESCRIPTION

       The verify(8) address verification server maintains a record of what recipient addresses are known to be deliverable or undeliverable.

       Addresses  are  verified  by  injecting probe messages into the Postfix queue. Probe messages are run through all the routing and rewriting
       machinery except for final delivery, and are discarded rather than being deferred or bounced.

       Address verification relies on the answer from the nearest MTA for the specified address, and will therefore not detect	all  undeliverable
       addresses.

       The verify(8) server is designed to run under control by the Postfix master server. It maintains an optional persistent database.  To avoid
       being interrupted by "postfix stop" in the middle of a database update, the process runs in a separate process group.

       The verify(8) server implements the following requests:

       update address status text
	      Update the status and text of the specified address.

       query address
	      Look up the status and text for the specified address.  If the status is unknown, a probe is sent and an	"in  progress"	status	is
	      returned.

SECURITY

       The  address verification server is not security-sensitive. It does not talk to the network, and it does not talk to local users.  The ver-
       ify server can run chrooted at fixed low privilege.

       The address verification server can be coerced to store unlimited amounts of garbage. Limiting the cache expiry	time  trades  one  problem
       (disk space exhaustion) for another one (poor response time to client requests).

       With Postfix version 2.5 and later, the verify(8) server no longer uses root privileges when opening the address_verify_map cache file. The
       file should now be stored under the Postfix-owned data_directory.  As a migration aid, an attempt to open a cache file under a  non-Postfix
       directory is redirected to the Postfix-owned data_directory, and a warning is logged.

DIAGNOSTICS

       Problems and transactions are logged to syslogd(8).

BUGS

       Address	verification probe messages add additional traffic to the mail queue.  Recipient verification may cause an increased load on down-
       stream servers in the case of a dictionary attack or a flood of backscatter bounces.  Sender address verification may cause your site to be
       blacklisted by some providers.

       If the persistent database ever gets corrupted then the world comes to an end and human intervention is needed. This violates a basic Post-
       fix principle.

CONFIGURATION PARAMETERS

       Changes to main.cf are not picked up automatically, as verify(8) processes are long-lived. Use the command "postfix reload" after a config-
       uration change.

       The text below provides only a parameter summary. See postconf(5) for more details including examples.

PROBE MESSAGE CONTROLS

       address_verify_sender ($double_bounce_sender)
	      The sender address to use in address verification probes; prior to Postfix 2.5 the default was "postmaster".

       Available with Postfix 2.9 and later:

       address_verify_sender_ttl (0s)
	      The time between changes in the time-dependent portion of address verification probe sender addresses.

CACHE CONTROLS

       address_verify_map (see 'postconf -d' output)
	      Lookup table for persistent address verification status storage.

       address_verify_positive_expire_time (31d)
	      The time after which a successful probe expires from the address verification cache.

       address_verify_positive_refresh_time (7d)
	      The time after which a successful address verification probe needs to be refreshed.

       address_verify_negative_cache (yes)
	      Enable caching of failed address verification probe results.

       address_verify_negative_expire_time (3d)
	      The time after which a failed probe expires from the address verification cache.

       address_verify_negative_refresh_time (3h)
	      The time after which a failed address verification probe needs to be refreshed.

       Available with Postfix 2.7 and later:

       address_verify_cache_cleanup_interval (12h)
	      The amount of time between verify(8) address verification database cleanup runs.

PROBE MESSAGE ROUTING CONTROLS

       By default, probe messages are delivered via the same route as regular messages.  The following parameters can be used to override specific
       message routing mechanisms.

       address_verify_relayhost ($relayhost)
	      Overrides the relayhost parameter setting for address verification probes.

       address_verify_transport_maps ($transport_maps)
	      Overrides the transport_maps parameter setting for address verification probes.

       address_verify_local_transport ($local_transport)
	      Overrides the local_transport parameter setting for address verification probes.

       address_verify_virtual_transport ($virtual_transport)
	      Overrides the virtual_transport parameter setting for address verification probes.

       address_verify_relay_transport ($relay_transport)
	      Overrides the relay_transport parameter setting for address verification probes.

       address_verify_default_transport ($default_transport)
	      Overrides the default_transport parameter setting for address verification probes.

       Available in Postfix 2.3 and later:

       address_verify_sender_dependent_relayhost_maps ($sender_dependent_relayhost_maps)
	      Overrides the sender_dependent_relayhost_maps parameter setting for address verification probes.

       Available in Postfix 2.7 and later:

       address_verify_sender_dependent_default_transport_maps ($sender_dependent_default_transport_maps)
	      Overrides the sender_dependent_default_transport_maps parameter setting for address verification probes.

MISCELLANEOUS CONTROLS

       config_directory (see 'postconf -d' output)
	      The default location of the Postfix main.cf and master.cf configuration files.

       daemon_timeout (18000s)
	      How much time a Postfix daemon process may take to handle a request before it is terminated by a built-in watchdog timer.

       ipc_timeout (3600s)
	      The time limit for sending or receiving information over an internal communication channel.

       process_id (read-only)
	      The process ID of a Postfix command or daemon process.

       process_name (read-only)
	      The process name of a Postfix command or daemon process.

       queue_directory (see 'postconf -d' output)
	      The location of the Postfix top-level queue directory.

       syslog_facility (mail)
	      The syslog facility of Postfix logging.

       syslog_name (see 'postconf -d' output)
	      The mail system name that is prepended to the process name in syslog records, so that "smtpd" becomes, for example, "postfix/smtpd".

SEE ALSO

       smtpd(8), Postfix SMTP server
       cleanup(8), enqueue Postfix message
       postconf(5), configuration parameters
       syslogd(5), system logging

README FILES

       Use "postconf readme_directory" or "postconf html_directory" to locate this information.
       ADDRESS_VERIFICATION_README, address verification howto

LICENSE

       The Secure Mailer license must be distributed with this software.

HISTORY

       This service was introduced with Postfix version 2.1.

AUTHOR(S)
       Wietse Venema
       IBM T.J. Watson Research
       P.O. Box 704
       Yorktown Heights, NY 10598, USA

																	 VERIFY(8)