File: LOCAL_RECIPIENT_README.html

package info (click to toggle)
postfix 3.10.6-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 27,976 kB
  • sloc: ansic: 134,721; makefile: 17,984; sh: 6,971; perl: 2,796; python: 1,448; awk: 158
file content (210 lines) | stat: -rw-r--r-- 10,198 bytes parent folder | download | duplicates (4) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
 
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
        "https://www.w3.org/TR/html4/loose.dtd">

<html>

<head>

<title>Rejecting Unknown Local Recipients with Postfix</title>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel='stylesheet' type='text/css' href='postfix-doc.css'>

</head>

<body>

<h1><img src="postfix-logo.jpg" width="203" height="98" ALT="">Rejecting Unknown Local Recipients with Postfix</h1>

<hr>

<h2>Introduction</h2>

<p> As of Postfix version 2.0, the Postfix SMTP server rejects mail
for unknown recipients in <a href="ADDRESS_CLASS_README.html#local_domain_class">local domains</a> (domains that match
$<a href="postconf.5.html#mydestination">mydestination</a> or the IP addresses in $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or
$<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>) with "User unknown in local recipient table".
This feature was optional with earlier Postfix versions. </p>

<p> The good news is that this keeps undeliverable mail out of your
queue, so that your mail queue is not clogged up with undeliverable
MAILER-DAEMON messages. </p>

<p> The bad news is that it may cause mail to be rejected when you
upgrade from a Postfix system that was not configured to reject
mail for unknown local recipients. </p>

<p> This document describes what steps are needed in order to reject
unknown local recipients correctly. </p>

<ul>

<li><a href="#main_config">Configuring local_recipient_maps
in main.cf</a>

<li><a href="#change">When you need to change the local_recipient_maps
setting in main.cf</a>

<li><a href="#format">Local recipient table query format </a>

</ul>

<h2><a name="main_config">Configuring local_recipient_maps
in main.cf</a></h2>

<p> The <a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> parameter specifies lookup tables with
all names or addresses of local recipients. A recipient address is
local when its domain matches $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or
$<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>. If a local username or address is not listed in
$<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a>, then the Postfix SMTP server will reject
the address with "User unknown in local recipient table". Other
interfaces such as the Postfix <a href="sendmail.1.html">sendmail(1)</a> command may still accept
an "unknown" recipient.  </p>

<p> The default setting, shown below, assumes that you use the
default Postfix <a href="local.8.html">local(8)</a> delivery agent for local delivery, where
recipients are either UNIX accounts (typically, in /etc/passwd) or
local aliases (typically, in /etc/aliases): </p>

<blockquote>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
    <a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> = <a href="proxymap.8.html">proxy</a>:unix:passwd.byname $<a href="postconf.5.html#alias_maps">alias_maps</a>
</pre>
</blockquote>

<p> To turn off unknown local recipient rejects by the SMTP server,
specify: </p>

<blockquote>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
    <a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> =
</pre>
</blockquote>

<p> That is, an empty value. With this setting, the Postfix SMTP
server will not reject mail with "User unknown in local recipient
table". <b> Don't do this on systems that receive mail directly 
from the Internet. With today's worms and viruses, Postfix will
become a backscatter source: it accepts mail for non-existent
recipients and then tries to return that mail as "undeliverable"
to the often forged sender address</b>. </p>

<h2><a name="change">When you need to change the local_recipient_maps
setting in main.cf</a></h2>

<ul>

    <li> <p> Problem: you don't use the default Postfix <a href="local.8.html">local(8)</a>
    delivery agent for domains matching $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>,
    or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>. For example, you redefined the
    "<a href="postconf.5.html#local_transport">local_transport</a>" setting in <a href="postconf.5.html">main.cf</a>.  </p>

    <p> Solution: your <a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> setting needs to specify
    a database that lists all the known user names or addresses
    for that delivery agent. For example, if you deliver users in
    $<a href="postconf.5.html#mydestination">mydestination</a> etc. domains via the <a href="virtual.8.html">virtual(8)</a> delivery agent,
    specify: </p>

<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>
    <a href="postconf.5.html#mydestination">mydestination</a> = $<a href="postconf.5.html#myhostname">myhostname</a> localhost.$<a href="postconf.5.html#mydomain">mydomain</a> localhost ...
    <a href="postconf.5.html#local_transport">local_transport</a> = virtual
    <a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> = $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>
</pre>

    <p> If you don't use the <a href="local.8.html">local(8)</a> or <a href="virtual.8.html">virtual(8)</a> delivery agent
    for $<a href="postconf.5.html#mydestination">mydestination</a>
    etc. domains, see the section "<a href="#format">Local recipient
    table format</a>" below for a description of how the table
    should be populated.  </p>

    <li> <p> Problem: you use the <a href="postconf.5.html#mailbox_transport">mailbox_transport</a> or <a href="postconf.5.html#fallback_transport">fallback_transport</a>
    feature of the Postfix <a href="local.8.html">local(8)</a> delivery agent in order to
    deliver mail to non-UNIX recipients. </p>

    <p> Solution: you need to add the database that lists the
    non-UNIX recipients: </p>

<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>
    <a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> = <a href="proxymap.8.html">proxy</a>:unix:passwd.byname, $<a href="postconf.5.html#alias_maps">alias_maps</a>,
        &lt;the database with non-UNIX recipients&gt;
</pre>

    <p> See the section "<a href="#format">Local recipient table
    format</a>" below for a description of how the table should be
    populated. </p>

    <li> <p> Problem: you use the <a href="postconf.5.html#luser_relay">luser_relay</a> feature of the Postfix
    local delivery agent. </p>

    <p> Solution: you must disable the <a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> feature
    completely, so that the Postfix SMTP server accepts mail for
    all local addresses: </p>

<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>
    <a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> =
</pre>

</ul>

<h2><a name="format">Local recipient table query format</a> </h2>

<p> If <a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> specifies local files, such as files in
<a href="postmap.1.html">postmap(1)</a> or <a href="postalias.1.html">postalias(1)</a> format, then the Postfix SMTP server
generates the following queries:  </p>

<ul>

<li> <p> The full recipient address. This query supports a non-default
<a href="postconf.5.html#local_transport">local_transport</a> setting with a delivery agent such as <a href="lmtp.8.html">lmtp(8)</a> or
virtual(8). See "<a href="#main_config">Configuring local_recipient_maps
in main.cf</a>: for additional guidance for what lookup tables to
specify. </p>

<li> <p> The recipient address local-part. This query supports the
default <a href="postconf.5.html#local_transport">local_transport</a> setting with the UNIX-compatible <a href="local.8.html">local(8)</a>
delivery agent; the Postfix SMTP server makes this query only when
the recipient domain matches $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or
$<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>. </p>

<li> <p> The recipient @domain. This query supports a non-default
<a href="postconf.5.html#local_transport">local_transport</a> setting with a delivery agent such as <a href="virtual.8.html">virtual(8)</a>;
it is a wildcard for domains that do not have a valid recipient
list. </p>

</ul>

<p> NOTES: </p>

<ul>

<li> <p> A lookup table should return a non-empty result when the
address exists, and should return "not found" when the address does
not exist. In particular, a zero-length (empty) result does not
count as a "not found" result. </p>

<li> <p> When <a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> specifies a lookup table based
on <a href="ldap_table.5.html">ldap</a>:, <a href="memcache_table.5.html">memcache</a>:, <a href="mongodb_table.5.html">mongodb</a>:, <a href="mysql_table.5.html">mysql</a>:, <a href="pgsql_table.5.html">pgsql</a>:, <a href="sqlite_table.5.html">sqlite</a>:, or other
external database, then the Postfix SMTP server queries that lookup
table with the same queries as described at the start of this
section, and expects the same results. </p>

<li> <p> To suppress lookups for the <i>local-part</i> and the
<i>@domain</i> wild-card, specify the <b>domain</b> setting in a
Postfix <a href="ldap_table.5.html">ldap</a>:, <a href="memcache_table.5.html">memcache</a>:, <a href="mongodb_table.5.html">mongodb</a>:, <a href="mysql_table.5.html">mysql</a>:, <a href="pgsql_table.5.html">pgsql</a>:, <a href="sqlite_table.5.html">sqlite</a>:, etc.,
database client configuration file. </p>

<li> <p> When <a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> specifies a lookup table based
on <a href="pcre_table.5.html">pcre</a>:, <a href="regexp_table.5.html">regexp</a>:, <a href="socketmap_table.html">socketmap</a>: or <a href="tcp_table.5.html">tcp</a>:, Postfix queries that table
only with the full recipient address, and not with the <i>local-part</i>
or the <i>@domain</i> wild-card. </p>

</ul>

</body>

</html>