Re: Verify cache missing?
- On 8/11/2012 8:46 μμ, Wietse Venema wrote:
> You had tons of whitelisting rules that fire long before processingYes, all messages leaving from the server do so mainly either through
> would reach reject_unverified_recipient.
permit_mynetworks or permit_sasl_authenticated; So, I see, when
reject_unverified_recipient is at the end, a message would be accepted
based on those rules and would LATER undergo recipient checking and
fail, causing a bounce message, whereas, when
reject_unverified_recipient is at the start, the recipient is directly
checked, before the message is accepted, so it is directly rejected (and
the verify cache is used, too).
Before closing the thread, I would say that IMHO we were saying exactly
the same thing below (smtpd_recipient_restrictions was never being used
because it was at the end, which means that there were other rules that
in practice never allowed processing of rules to reach the end). :-)
On 8/11/2012 3:59 μμ, Wietse Venema wrote:
>> So, I conclude that in this case there is no such cache because
>> >reject_unverified_recipient is at the end of
>> >"smtpd_recipient_restrictions", so in essence it is never used...
> Bull. If some restriction AT THE END is not used, then you have
> some other restriction BEFORE THE END that does match.
... But only now I have figured out exactly what was happening.
Thanks and best regards,