From 45743fcc30ad310da0ef306d6319face3604ac4d Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Mon, 15 May 2017 23:31:13 +0200 Subject: Use blackhole subdomain for sender addresses of verify probes. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit These addresses need to be accepted on the MX:es, as recipients sometimes phone back during the SMTP session to check whether the sender exists. Since a time-dependent suffix is added to the local part (cf. http://www.postfix.org/postconf.5.html#address_verify_sender_ttl) it's not enough to drop incoming mails to ‘double-bounce@fripost.org’, and it's impractical to do the same for /^double-bounce.*@fripost\.org$/. --- roles/MSA/templates/etc/postfix/main.cf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'roles/MSA') diff --git a/roles/MSA/templates/etc/postfix/main.cf.j2 b/roles/MSA/templates/etc/postfix/main.cf.j2 index cbd5264..f5f0834 100644 --- a/roles/MSA/templates/etc/postfix/main.cf.j2 +++ b/roles/MSA/templates/etc/postfix/main.cf.j2 @@ -80,7 +80,7 @@ strict_rfc821_envelopes = yes smtpd_delay_reject = yes disable_vrfy_command = yes -address_verify_sender = $double_bounce_sender@$mydomain +address_verify_sender = $double_bounce_sender@noreply.$mydomain address_verify_sender_ttl = 24h unverified_recipient_defer_code = 250 unverified_recipient_reject_code = 550 -- cgit v1.2.3