horok/postfix
1
0
Fork 0
Code Activity
postfix/proto/LOCAL_RECIPIENT_README.html
Daniel Baumann 75cf244379
Adding upstream version 3.10.2. 
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
2025-06-21 14:19:32 +02:00

210 lines
7 KiB
HTML
Raw Permalink Blame History

<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
"https://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Rejecting Unknown Local Recipients with Postfix</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel='stylesheet' type='text/css' href='postfix-doc.css'>
</head>
<body>
<h1><img src="postfix-logo.jpg" width="203" height="98" ALT="">Rejecting Unknown Local Recipients with Postfix</h1>
<hr>
<h2>Introduction</h2>
<p> As of Postfix version 2.0, the Postfix SMTP server rejects mail
for unknown recipients in local domains (domains that match
$mydestination or the IP addresses in $inet_interfaces or
$proxy_interfaces) with "User unknown in local recipient table".
This feature was optional with earlier Postfix versions. </p>
<p> The good news is that this keeps undeliverable mail out of your
queue, so that your mail queue is not clogged up with undeliverable
MAILER-DAEMON messages. </p>
<p> The bad news is that it may cause mail to be rejected when you
upgrade from a Postfix system that was not configured to reject
mail for unknown local recipients. </p>
<p> This document describes what steps are needed in order to reject
unknown local recipients correctly. </p>
<ul>
<li><a href="#main_config">Configuring local_recipient_maps
in main.cf</a>
<li><a href="#change">When you need to change the local_recipient_maps
setting in main.cf</a>
<li><a href="#format">Local recipient table query format </a>
</ul>
<h2><a name="main_config">Configuring local_recipient_maps
in main.cf</a></h2>
<p> The local_recipient_maps parameter specifies lookup tables with
all names or addresses of local recipients. A recipient address is
local when its domain matches $mydestination, $inet_interfaces or
$proxy_interfaces. If a local username or address is not listed in
$local_recipient_maps, then the Postfix SMTP server will reject
the address with "User unknown in local recipient table". Other
interfaces such as the Postfix sendmail(1) command may still accept
an "unknown" recipient. </p>
<p> The default setting, shown below, assumes that you use the
default Postfix local(8) delivery agent for local delivery, where
recipients are either UNIX accounts (typically, in /etc/passwd) or
local aliases (typically, in /etc/aliases): </p>
<blockquote>
<pre>
/etc/postfix/main.cf:
local_recipient_maps = proxy:unix:passwd.byname $alias_maps
</pre>
</blockquote>
<p> To turn off unknown local recipient rejects by the SMTP server,
specify: </p>
<blockquote>
<pre>
/etc/postfix/main.cf:
local_recipient_maps =
</pre>
</blockquote>
<p> That is, an empty value. With this setting, the Postfix SMTP
server will not reject mail with "User unknown in local recipient
table". <b> Don't do this on systems that receive mail directly
from the Internet. With today's worms and viruses, Postfix will
become a backscatter source: it accepts mail for non-existent
recipients and then tries to return that mail as "undeliverable"
to the often forged sender address</b>. </p>
<h2><a name="change">When you need to change the local_recipient_maps
setting in main.cf</a></h2>
<ul>
<li> <p> Problem: you don't use the default Postfix local(8)
delivery agent for domains matching $mydestination, $inet_interfaces,
or $proxy_interfaces. For example, you redefined the
"local_transport" setting in main.cf. </p>
<p> Solution: your local_recipient_maps setting needs to specify
a database that lists all the known user names or addresses
for that delivery agent. For example, if you deliver users in
$mydestination etc. domains via the virtual(8) delivery agent,
specify: </p>
<pre>
/etc/postfix/main.cf
mydestination = $myhostname localhost.$mydomain localhost ...
local_transport = virtual
local_recipient_maps = $virtual_mailbox_maps
</pre>
<p> If you don't use the local(8) or virtual(8) delivery agent
for $mydestination
etc. domains, see the section "<a href="#format">Local recipient
table format</a>" below for a description of how the table
should be populated. </p>
<li> <p> Problem: you use the mailbox_transport or fallback_transport
feature of the Postfix local(8) delivery agent in order to
deliver mail to non-UNIX recipients. </p>
<p> Solution: you need to add the database that lists the
non-UNIX recipients: </p>
<pre>
/etc/postfix/main.cf
local_recipient_maps = proxy:unix:passwd.byname, $alias_maps,
&lt;the database with non-UNIX recipients&gt;
</pre>
<p> See the section "<a href="#format">Local recipient table
format</a>" below for a description of how the table should be
populated. </p>
<li> <p> Problem: you use the luser_relay feature of the Postfix
local delivery agent. </p>
<p> Solution: you must disable the local_recipient_maps feature
completely, so that the Postfix SMTP server accepts mail for
all local addresses: </p>
<pre>
/etc/postfix/main.cf
local_recipient_maps =
</pre>
</ul>
<h2><a name="format">Local recipient table query format</a> </h2>
<p> If local_recipient_maps specifies local files, such as files in
postmap(1) or postalias(1) format, then the Postfix SMTP server
generates the following queries: </p>
<ul>
<li> <p> The full recipient address. This query supports a non-default
local_transport setting with a delivery agent such as lmtp(8) or
virtual(8). See "<a href="#main_config">Configuring local_recipient_maps
in main.cf</a>: for additional guidance for what lookup tables to
specify. </p>
<li> <p> The recipient address local-part. This query supports the
default local_transport setting with the UNIX-compatible local(8)
delivery agent; the Postfix SMTP server makes this query only when
the recipient domain matches $mydestination, $inet_interfaces or
$proxy_interfaces. </p>
<li> <p> The recipient @domain. This query supports a non-default
local_transport setting with a delivery agent such as virtual(8);
it is a wildcard for domains that do not have a valid recipient
list. </p>
</ul>
<p> NOTES: </p>
<ul>
<li> <p> A lookup table should return a non-empty result when the
address exists, and should return "not found" when the address does
not exist. In particular, a zero-length (empty) result does not
count as a "not found" result. </p>
<li> <p> When local_recipient_maps specifies a lookup table based
on ldap:, memcache:, mongodb:, mysql:, pgsql:, sqlite:, or other
external database, then the Postfix SMTP server queries that lookup
table with the same queries as described at the start of this
section, and expects the same results. </p>
<li> <p> To suppress lookups for the <i>local-part</i> and the
<i>@domain</i> wild-card, specify the <b>domain</b> setting in a
Postfix ldap:, memcache:, mongodb:, mysql:, pgsql:, sqlite:, etc.,
database client configuration file. </p>
<li> <p> When local_recipient_maps specifies a lookup table based
on pcre:, regexp:, socketmap: or tcp:, Postfix queries that table
only with the full recipient address, and not with the <i>local-part</i>
or the <i>@domain</i> wild-card. </p>
</ul>
</body>
</html>
View git blame Copy permalink