#!!# ACL that is used after the RCPT command on the submission port
check_submission:
+ # Accept if the source is local SMTP (i.e. not over TCP/IP).
+ # We do this by testing for an empty sending host field.
+ accept hosts = : 127.0.0.1
# Defer after too many bad RCPT TO's. Legit MTAs will retry later.
# This is a rough pass at preventing addres harvesting or other mail blasts.
defer
ratelimit = 5 / 60m / per_rcpt / $sender_host_address
+ !hosts = +debianhosts
message = sorry, only 5 reports per hour for submission
+ accept domains = +local_domains
+ hosts = +debianhosts
+ endpass
+ message = unknown user
+ verify = recipient
+
+ accept domains = +mailhubdomains
+ endpass
+ message = unknown user
+ verify = recipient/callout=30s,defer_ok,use_sender,no_cache
+
accept domains = +submission_domains
endpass
message = unknown user
accept domains = +mailhubdomains
endpass
message = unknown user
- verify = recipient/callout,defer_ok
+ verify = recipient/callout=30s,defer_ok,use_sender,no_cache
accept domains = +handled_domains
endpass
remote_smtp_smarthost:
debug_print = "T: remote_smtp_smarthost for $local_part@$domain"
driver = smtp
-.ifdef SMARTHOST_PORT
- port = SMARTHOST_PORT
+.ifdef SMARTHST_PORT
+ port = SMARTHST_PORT
.endif
.ifdef USE_TLS
tls_tempfail_tryclear = false