How to allow bounces to authenticaded users

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

How to allow bounces to authenticaded users

Håkon Alstadheim
I have a rather convoluted multi-instance setup that mostly works to my
liking, with spam-filters, hand-off to mailman, dkim-signing and
whatnot. One problem is that mis-typed outgoing addresses (host part)
from my local, authenticated users end up deferred (450) and not bounced
back to the sender. I am a bit wary of enabling bounces, but if I can
make sure that I don't bounce incoming mail, I should be OK.

Long story short, If in a specific postfix instance I am SURE I'm only
handling mail submitted by authenticated users, I should be OK to change
unknown_address_reject_code to 550 ?

I don't want to do the change in submit (before queue) because I have a
dance with DKIM signing before handing off to address-mapping and
further to relay/local delivery/mailman,

Reply | Threaded
Open this post in threaded view
|

Re: How to allow bounces to authenticaded users

Håkon Alstadheim
Sorry folks, I'm not entirely there today. Receiving MX may of course be
temporarily gone from DNS, so 450 it is. Pleas allow this thread to
disappear into oblivion. :-)


Den 21. okt. 2018 15:47, skrev Håkon Alstadheim:

> I have a rather convoluted multi-instance setup that mostly works to my
> liking, with spam-filters, hand-off to mailman, dkim-signing and
> whatnot. One problem is that mis-typed outgoing addresses (host part)
> from my local, authenticated users end up deferred (450) and not bounced
> back to the sender. I am a bit wary of enabling bounces, but if I can
> make sure that I don't bounce incoming mail, I should be OK.
>
> Long story short, If in a specific postfix instance I am SURE I'm only
> handling mail submitted by authenticated users, I should be OK to change
> unknown_address_reject_code to 550 ?
>
> I don't want to do the change in submit (before queue) because I have a
> dance with DKIM signing before handing off to address-mapping and
> further to relay/local delivery/mailman,
>

Reply | Threaded
Open this post in threaded view
|

Re: How to allow bounces to authenticaded users

Wietse Venema
In reply to this post by Håkon Alstadheim
H?kon Alstadheim:
> I have a rather convoluted multi-instance setup that mostly works to my
> liking, with spam-filters, hand-off to mailman, dkim-signing and
> whatnot. One problem is that mis-typed outgoing addresses (host part)
> from my local, authenticated users end up deferred (450) and not bounced
> back to the sender. I am a bit wary of enabling bounces, but if I can
> make sure that I don't bounce incoming mail, I should be OK.

You are not supposed to accept and deliver mail for a remote recipient
domain (whether it exists or not) from unauthenticated clients or
untrusted clients.  That would be an exploitable open relay.

As long as that condition is met, only authenticated or trusted
clients can specify a non-existent recipient domain.

> Long story short, If in a specific postfix instance I am SURE I'm only
> handling mail submitted by authenticated users, I should be OK to change
> unknown_address_reject_code to 550 ?

I think so. This controls the handling of a non-existent domain with
reject_unknown_recipient_domain and reject_unknown_sender_domain.

        Wietse

> I don't want to do the change in submit (before queue) because I have a
> dance with DKIM signing before handing off to address-mapping and
> further to relay/local delivery/mailman,
>
>