domain alias + reject_unverified_recipient

[vipin65]

I am using alias domain on open source version 6 .
To stop bounce spam trafic I have to add
"reject_unverified_recipient" in file "postfix_recipient_restrictions.cf"
But after doing this we frequentelly get following message in mail clinets (Out Look Express)
" 450 <username@domain.com>:Recipient address rejected: unverified address: Address verification in progress"
Is there any way to over come this problem. I searching forum from last 3 days but could not find any soloution.

[phoenix]

Quote:

Originally Posted by vipin65

Is there any way to over come this problem.

Don't use it unless you're a mail relay host, it's not necessary: Postfix Address Verification

[vipin65]

Thanks for prompt reply. Our server is relay host (on public IP and can send mail to any server in the world ) if we remove "reject_unverified_recipient" our server start flooding bounce messages and we get black listed on many mail server. I tried many other option but could not find solution.

[phoenix]

Quote:

Originally Posted by vipin65

Thanks for prompt reply. Our server is relay host (on public IP and can send mail to any server in the world )

It's a relay host for whom?

Quote:

Originally Posted by vipin65

if we remove "reject_unverified_recipient" our server start flooding bounce messages and we get black listed on many mail server. I tried many other option but could not find solution.

What other options have you tried (please describe in detail)? Is the person that's getting rejected a valid user of your server?

[vipin65]

Quote:

Originally Posted by phoenix

It's a relay host for whom?
I mean if mail is not for local domain it is relayed to destination server.So when user send mail to external domain it is relayed.

What other options have you tried (please describe in detail)? Is the person that's getting rejected a valid user of your server?

I tried /opt/zimbra/conf/zmmta.cf smtpd_reject_unlisted_recipients 'yes' but no effect because our case is domain alias. I followed Managing Domains - Zimbra :: Wiki for domain alias.

User (sender) get 450 error on his mail client or 550 that id do not exist on remote server. What I want sever should accept mail from authenticated/local user and bounce back in case of failure. While in case of external/remote mail server should not accept mail through SMTP but give 550 error if RCPT TO not exist on our server.

[phoenix]

Please update your forum profile with the output of the following command (do not post it in this thread):

Code:

zmcontrol -v

Quote:

Originally Posted by vipin65

I tried /opt/zimbra/conf/zmmta.cf smtpd_reject_unlisted_recipients 'yes' but no effect because our case is domain alias. I followed Managing Domains - Zimbra :: Wiki for domain alias.

This is the reason you should not be using a catchall account, can you not achieve this in any other manner?

Quote:

Originally Posted by vipin65

(sender) get 450 error on his mail client or 550 that id do not exist on remote server. What I want sever should accept mail from authenticated/local user and bounce back in case of failure.

This won't work while you are using a catchall on your server.

I asked you earlier who you are relaying for, who is it (are these just authenticated users)?

[vipin65]

I have update profile.
If there is some better way to handle domain alias pls. let me know I will follow that. We have 2 domain.
Our deployment is simple single server for small office with approx 50 users.
We are not relaying for anybody yes just authenticated users relaying.
Regards
Vipin

[phoenix]

Quote:

Originally Posted by vipin65

I have update profile.
If there is some better way to handle domain alias pls. let me know I will follow that. We have 2 domain.
Our deployment is simple single server for small office with approx 50 users.
We are not relaying for anybody yes just authenticated users relaying.
Regards
Vipin

Remove the domain alias settings you've created (especially the catchall) then add a second domain to your server and give every user an alias email address for that domain. You can then use this: Improving Anti-spam system - Zimbra :: Wiki to get rid of unwanted email and some of the other techniques in that article.

[vipin65]

hmm.. finally I have to remove domain alias no other choice.

[MajorTermi]

I think the problem you experienced might be affected by two options:

a) The order in which the different actions are listed in smtpd_recipient_restrictions seems to matter. I added the "reject_unverified_recipient" option last, just before the "permit" option.

b) The "unverified_sender_defer_code" option is set to "450" by default. Therefore, if a temporary error occurs during recipient verification, the server will send a temporary error to the client, resulting in the error message. By setting this option to "250", the server will accept the recipient address, if it cannot be verified right now. Thus, the server will only send an error to the client, if the address cannot be verified because of a permanent problem.

Please tell me, if this options work for you. I am currently evaluating ZCS Network Edition and for the tests I performed, it works. However, I would like to know, if it also works in other setups before possible moving our production system to ZCS.