Postfix Address Verification

[Seamus Allan]

Mail from the internet hits the "Gateway" machine with MailScanner and 
postfix. The clean mail is then forwarded to the "Hub" machine, running 
windows and Mail Enable Enterprise.

What was happening is that bulk mailers were targeting abcd at domain.com, 
and a bunch of this was getting through the Gateway as all it knew about 
was the domains that it was allowed to forward, and where to send them 
(transport map pointing to the Hub machine). The Hub machine was 
replying 550 mailbox does not exist, and so the Gateway was trying to 
send bounce messages back to a non existent mailbox where the spam 
originated from.

So, as per documentation (on the MailScanner docs, Postfix website), I 
set up verification on the Gatekeeper machine, such that when a mail 
comes in, postfix looks in the transport map, then queries the Hub 
machine as to whether the mailbox exists or now. Then the Gateway 
machine can reject the mail "at the door" (solving bandwidth, load and 
bounce issues).

This worked pretty much OK, until I realised that mail was not being 
delivered for some (a lot as it turned out) of domains. A look in the 
maillog was showing that mail to these domains was being rejected by the 
Gatekeeper (presumably the verification mechanism) with a 400 error of 
Domain Not Found (as in previous log entries that have been posted).
I suspected at first that the Hub machine was blocking access, but 
nothing in the logs indicate this (on either machines).

So I'm a bit lost
Hope this helps someone help me,

Cheers

Seamus



>>
> Thing is, I'm still not too clear on which postfix is telling you
> this.... "external" or "internal"... Am slightly "muddled" ATM, but
> ... does both recognize that they are to handle that particular
> domain? And it's users? How did you set the verification up on both of
> them?
> I might be completely "muddled", so please set me straight:-)
>
> Cheers