← Back to branch summary

~ubuntu-branches/ubuntu/trusty/postfix/trusty-updates

« back to all changes in this revision

Viewing changes to html/ADDRESS_VERIFICATION_README.html

Tags: upstream-2.3.1
ImportĀ upstreamĀ versionĀ 2.3.1

Show diffs side-by-side

added added

removed removed

Lines of Context:
html/ADDRESS_VERIFICATION_README.html
35
35
with an unreplyable sender address.  </p>
36
36
 
37
37
<p> The technique may also be useful to block mail for undeliverable
38
 
recipients, for example on a mail relay host that does not have a
 
38
recipients, for example on a mail <a href="postconf.5.html#relayhost">relay host</a> that does not have a
39
39
list of all the valid recipient addresses. This prevents undeliverable
40
40
junk mail from entering the queue, so that Postfix doesn't have to
41
41
waste resources trying to send MAILER-DAEMON messages back. </p>
166
166
<p> When verification takes too long the Postfix SMTP server defers
167
167
the sender or recipient address with a 450 reply. Normal mail
168
168
clients will connect again after some delay.  The address verification
169
 
delay is configurable with the main.cf <a href="postconf.5.html#address_verify_poll_count">address_verify_poll_count</a>
 
169
delay is configurable with the <a href="postconf.5.html">main.cf</a> <a href="postconf.5.html#address_verify_poll_count">address_verify_poll_count</a>
170
170
and <a href="postconf.5.html#address_verify_poll_delay">address_verify_poll_delay</a> parameters.  See <a href="postconf.5.html">postconf(5)</a> for
171
171
details. </p>
172
172
 
230
230
rejects mail for the recipient address.  If a recipient probe
231
231
succeeds, then Postfix accepts mail for the recipient address. </p>
232
232
 
 
233
<p> By default, address verification results are not saved. To avoid
 
234
probing the same address repeatedly, you can store the result in a
 
235
<a href="#caching">persistent database</a> as described later.  </p>
 
236
 
233
237
<blockquote>
234
238
<pre>
235
 
/etc/postfix/main.cf:
 
239
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
236
240
    <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> = 
237
241
        <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>
238
242
        <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>
259
263
 
260
264
<blockquote>
261
265
<pre>
262
 
/etc/postfix/main.cf:
 
266
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
263
267
    <a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a> = hash:/etc/postfix/sender_access
264
268
    <a href="postconf.5.html#unverified_sender_reject_code">unverified_sender_reject_code</a> = 550
265
269
    # Note 1: Be sure to read the "<a href="#caching">Caching</a>" section below!
274
278
</pre>
275
279
</blockquote>
276
280
 
277
 
<p> A list of frequently forged MAIL FROM domains can be found at
278
 
<a href="http://www.monkeys.com/anti-spam/filtering/sender-domain-validate.in">http://www.monkeys.com/anti-spam/filtering/sender-domain-validate.in</a>.
279
 
</p>
 
281
<p> At some point in cyberspace/time, a list of frequently forged
 
282
MAIL FROM domains could be found at
 
283
<a href="http://www.monkeys.com/anti-spam/filtering/sender-domain-validate.in">http://www.monkeys.com/anti-spam/filtering/sender-domain-validate.in</a>.  </p>
280
284
 
281
285
<p> NOTE: One of the first things you might want to do is to turn
282
286
on sender address verification for all your own domains. </p>
296
300
 
297
301
<blockquote>
298
302
<pre>
299
 
/etc/postfix/main.cf:
 
303
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
300
304
    <a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a> = 
301
305
        <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>
302
306
        ... 
344
348
<h2><a name="caching">Address verification database</a></h2>
345
349
 
346
350
<p> NOTE: By default, address verification information is not stored
347
 
in a persistent file. You have to specify one in main.cf (see
 
351
in a persistent file. You have to specify one in <a href="postconf.5.html">main.cf</a> (see
348
352
below). Persistent storage is off by default because it may need
349
353
more disk space than is available in your file system. </p>
350
354
 
354
358
page for details. </p>
355
359
 
356
360
<p> The <a href="postconf.5.html#address_verify_map">address_verify_map</a> (NOTE: singular) configuration parameter
357
 
specifies an optional persistent database for sender address
 
361
specifies an optional database for sender or recipient address
358
362
verification results.  If you don't specify a file, all address
359
363
verification information is lost after "postfix reload" or "postfix
360
364
stop". </p>
363
367
 
364
368
<blockquote>
365
369
<pre>
366
 
/etc/postfix/main.cf:
 
370
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
367
371
    # Note: avoid hash files here. Use btree instead.
368
372
    <a href="postconf.5.html#address_verify_map">address_verify_map</a> = btree:/var/mta/verify
369
373
</pre>
416
420
 
417
421
<p> First, the <a href="postconf.5.html#address_verify_relayhost">address_verify_relayhost</a> parameter allows you to
418
422
override the <a href="postconf.5.html#relayhost">relayhost</a> setting, and the <a href="postconf.5.html#address_verify_transport_maps">address_verify_transport_maps</a>
419
 
parameter allows you to override the <a href="postconf.5.html#transport_maps">transport_maps</a> setting. </p>
 
423
parameter allows you to override the <a href="postconf.5.html#transport_maps">transport_maps</a> setting. 
 
424
The <a href="postconf.5.html#address_verify_sender_dependent_relayhost_maps">address_verify_sender_dependent_relayhost_maps</a> parameter
 
425
does the same for sender-dependent <a href="postconf.5.html#relayhost">relayhost</a> selection. </p>
420
426
 
421
427
<p> Second, each address class is given its own address verification
422
428
version of the message delivery transport, as shown in the table
461
467
 
462
468
<blockquote>
463
469
<pre>
464
 
/etc/postfix/main.cf:
 
470
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
465
471
    <a href="postconf.5.html#relayhost">relayhost</a> = $<a href="postconf.5.html#mydomain">mydomain</a>
466
472
    <a href="postconf.5.html#address_verify_relayhost">address_verify_relayhost</a> =
467
473
    ...
474
480
 
475
481
<blockquote>
476
482
<pre>
477
 
/etc/postfix/main.cf:
 
483
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
478
484
    <a href="postconf.5.html#relayhost">relayhost</a> = $<a href="postconf.5.html#mydomain">mydomain</a>
479
485
    <a href="postconf.5.html#address_verify_relayhost">address_verify_relayhost</a> =
480
486
    <a href="postconf.5.html#address_verify_default_transport">address_verify_default_transport</a> = direct_smtp
481
487
 
482
 
/etc/postfix/master.cf:
 
488
/etc/postfix/<a href="master.5.html">master.cf</a>:
483
489
    direct_smtp .. .. .. ..  .. .. .. .. .. smtp
484
490
        -o <a href="postconf.5.html#smtp_helo_name">smtp_helo_name</a>=nat.box.tld
485
491
</pre>