Loading ...
Sorry, an error occurred while loading the content.
 

RE: Unknown user rejected correctly for domain, not subdomain

Expand Messages
  • MrC
    ... Thanks Viktor. It makes perfect sense now. I suspected parent_domain_matches_subdomains was a key, but wasn t sure, and wasn t expecting, for example, the
    Message 1 of 4 , Jun 1 11:46 PM
      > On Fri, Jun 01, 2007 at 10:17:37PM -0700, MrC wrote:
      >
      > > I found some spam today in my quarantine with an unlisted envelope
      > > recipient to a valid subdomain (eg.
      > unlisted@...>.
      > > I confused by this, as I do not allow unlisted recipients. Upon
      > > testing various recipients, I find that unlisted recipients to
      > > mydestination or virtual domains are rejected properly. However,
      > > postfix is accepting the same unlisted recipient if a
      > (valid) subdomain is used.
      > >
      > > $ telnet localhost 25
      > > ...
      > > MAIL FROM:<anyone@...>
      > > 250 2.1.0 Ok
      > > RCPT TO:<unlisted@...>
      > > 550 5.1.1 <unlisted@...>: Recipient address rejected:
      > > User unknown in virtual mailbox table RCPT
      > > TO:<unlisted@...>
      > > 250 2.1.5 Ok
      > > RCPT TO:<unlisted@...>
      > > 550 5.1.1 <unlisted@...>: Recipient address rejected: User
      > > unknown in local recipient table RCPT
      > TO:<unlisted@...>
      > > 450 4.1.2 <unlisted@...>: Recipient address
      > rejected:
      > > Domain not found RCPT TO:<unlisted@...>
      > > 250 2.1.5 Ok
      > >
      > > I've rescanned every line of my config files, and cannot see the
      > > reason why this is occurring, but I'm sure I must be
      > missing something.
      >
      > Defaults:
      >
      > relay_domains = $mydestination
      > parent_domain_matches_subdomains = ...,relay_domains,...
      > relay_recipient_maps =
      >
      > Backward compatibility considerations prevent changing the
      > defaults to values more sensible in 2007 than 1997. You can
      > override one or more of these to stop accepting mail for
      > random recipients in sub-domains of $mydestination.
      >
      > --
      > Viktor.

      Thanks Viktor.

      It makes perfect sense now. I suspected parent_domain_matches_subdomains
      was a key, but wasn't sure, and wasn't expecting, for example, the addition
      of a subdomain in DNS to allow the bypassing of recipient validation.

      Any thoughts on if/when the "eventually" in the postconf(5) description
      regarding the parent_domain_matches_subdomains planned backwards
      compatibility will be able to change to today's more sensible defaults?

      Thanks also Noel.

      Mike
    Your message has been successfully submitted and would be delivered to recipients shortly.