Table of Contents
In this tutorial I will cover below topics
- How to deliver mails only to valid users on localhost
- How to reject mail for unknown users on localhost with Postfix
- How to reject unknown local recipients with Postfix
As of Postfix version 2.0, the Postfix SMTP server rejects mail for unknown recipients in local domains (domains that match $mydestination or the IP addresses in $inet_interfaces or $proxy_interfaces) with "User unknown in local recipient table". This feature was optional with earlier Postfix versions.
Enable local_recipient_maps
The local_recipient_maps parameter defines a list of places that Postfix can look to determine whether a local username is valid. The format of the value portion of local_recipient_maps is a comma or whitespace-separated list:
local_recipient_maps = $alias_maps unix:passwd.byname
The values defined for the parameter instruct Postfix where to look on the system to validate the message recipient address. The preceding example instructs Postfix to first check the aliases lookup table and then to use the Unix system password file.
Reject mail for unknown users
As mentioned earlier, after postfix 2.0 by default postfix will reject mail for unknown users. We can also define this explicitly by using local_recipient_maps in the below format. Add the following in your /etc/postfix/main.cf file
local_recipient_maps = $alias_maps unix:passwd.byname
Reload the postfix service
# systemctl reload postfix
Verify
I do not have user deepak on my postfix server.
# id deepak
id: ‘deepak’: no such user
So we will try to send mail to deepak user via telnet to verify the configuration
# telnet -4 localhost 25 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 centos8-2.example.com ESMTP Postfix HELO mail.example.com 250 centos8-2.example.com MAIL FROM: <root@centos8-2.example.com> 250 2.1.0 Ok RCPT TO: <deepak@centos8-2.example.com> 550 5.1.1 <deepak@centos8-2.example.com>: Recipient address rejected: User unknown in local recipient table ^] telnet> quit Connection closed.
From the logs
Aug 02 02:21:20 centos8-2.example.com postfix/smtpd[9446]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 550 5.1.1 <deepak@centos8-2.example.com>: Recipient address rejected: User unknown in local recipient table; from=<root@centos8-2.example.com> to=<deepak@centos8-2.example.com> proto=SMTP helo=<mail.example.com>
Aug 02 02:21:26 centos8-2.example.com postfix/smtpd[9446]: lost connection after RCPT from localhost[127.0.0.1]
Disable local_recipient_maps
To turn off unknown local recipient rejects by the SMTP server, specify local_recipient_maps with empty value as shown below in your /etc/postfix/main.cf:
local_recipient_maps =
Next reload the postfix service
# systemctl reload postfix
Verify the configuration
# telnet -4 localhost 25 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 centos8-2.example.com ESMTP Postfix HELO mail.example.com 250 centos8-2.example.com MAIL FROM: <root@centos8-2.example.com> 250 2.1.0 Ok RCPT TO: <deepak@centos8-2.example.com> 250 2.1.5 Ok ^] telnet> quit Connection closed.
Now the mail is not rejected even though the user deepak doesn't exist on my localhost.
Conclusion
In this tutorial we learned how to reject mail for unknown users with postfix. We could also disable this check but this is not recommended on systems that receive mail directly from the Internet. With today's worms and viruses, Postfix will become a backscatter source: it accepts mail for non-existent recipients and then tries to return that mail as "undeliverable" to the often forged sender address
Lastly I hope the steps from the article to configure postfix to reject mail for unknown users on Linux was helpful. So, let me know your suggestions and feedback using the comment section.
References
I have used below external references for this tutorial guide
http://www.postfix.org/LOCAL_RECIPIENT_README.html
