On Sun, 2004-02-01 at 18:18 +0000, David Woodhouse wrote:
> On Sun, 2004-02-01 at 07:45 -0800, Bill Moseley wrote:
> > Right. Also I found that without the recipient callouts I ended up with
> > lots of frozen messages on the backup MX.
>
> Messages claiming to be _from_ invalid users at your domain, and also
> _to_ invalid users. You have to trust it and accept both, and then it
> turns out to be unbouncable.
Er, this is more likely to be bounce messages destined for invalid users
at your domain. Sender verification if done without defer_ok would
prevent the above from happening anyway. I'm not sure how to fix it
other than to refuse to accept bounces while the primary is down...
# Deny unknown recipient at relay domain, with callout but accepting
# temporary failures (else backup MX is pointless). Don't do callouts
# for mailman lists though, because they won't accept bounces.
deny !senders = :
domains = +relay_domains : +dns_virtual_domains
!verify = recipient/defer_ok/callout=20s,random,defer_ok
message = Unknown recipient at target domain
# For bounces, do it without defer_ok. This just means that bounces
# sit on someone _else's_ queue rather than ours, and it prevents the
# frozen messages when we accept bounces to invalid addresses in the
# domains we relay for.
deny senders = :
domains = +relay_domains : +dns_virtual_domains
!verify = recipient/callout=20s,random
message = Cannot verify recipient address
--
dwmw2
