OT postfix recipient verification

Alex Neuman alex at rtpty.com
Wed Jan 6 20:26:09 GMT 2010

**DISABLING*** verification is potentially catastrophic, as it opens the possibility for someone to abuse your server. I don't believe servers should blindly accept e-mail for their users without verifying that those users exist in the first place.

On Jan 6, 2010, at 3:13 PM, Rick Cooper wrote:

>> change what the system does (by disabling recipient verification, which
>> is potentially catastrophic).
> Why would recipient verification be catastrophic? I would think any
> responsible system would verify recipients before accepting the mail.   
>> On Jan 6, 2010, at 1:10 PM, Jason Ede wrote:
>>> My response so far has been that they need to fix their list of email
>>> recipients to all be valid addresses as basic maintenance anyway, but
>>> they're worried that if someone on the To list leaves then emails will
>>> suddenly stop coming through again. Any ways round this?   
> The way I handle these distributions within our company(s) is these types of
> mails are sent to an alias that explodes into the actual recipients. I do
> this for the very reason stated, it's easier for me to replace someone on
> the alias list than manage all the points from which the contact might
> originate. Anything that relates to say sales at abc.com, service at abc.com is
> handled the same way. 

More information about the MailScanner mailing list