RReejjeeccttiinngg UUnnkknnoowwnn LLooccaall RReecciippiieennttss wwiitthh PPoossttffiixx ------------------------------------------------------------------------------- IInnttrroodduuccttiioonn As of Postfix version 2.0, the Postfix SMTP server rejects mail for unknown recipients in local domains (domains that match $mydestination or the IP addresses in $inet_interfaces or $proxy_interfaces) with "User unknown in local recipient table". This feature was optional with earlier Postfix versions. The good news is that this keeps undeliverable mail out of your queue, so that your mail queue is not clogged up with undeliverable MAILER-DAEMON messages. The bad news is that it may cause mail to be rejected when you upgrade from a Postfix system that was not configured to reject mail for unknown local recipients. This document describes what steps are needed in order to reject unknown local recipients correctly. * Configuring local_recipient_maps in main.cf * When you need to change the local_recipient_maps setting in main.cf * Local recipient table format CCoonnffiigguurriinngg llooccaall__rreecciippiieenntt__mmaappss iinn mmaaiinn..ccff The local_recipient_maps parameter specifies lookup tables with all names or addresses of local recipients. A recipient address is local when its domain matches $mydestination, $inet_interfaces or $proxy_interfaces. If a local username or address is not listed in $local_recipient_maps, then the Postfix SMTP server will reject the address with "User unknown in local recipient table". The default setting, shown below, assumes that you use the default Postfix local(8) delivery agent for local delivery, where recipients are either UNIX accounts or local aliases: /etc/postfix/main.cf: local_recipient_maps = proxy:unix:passwd.byname $alias_maps To turn off unknown local recipient rejects by the SMTP server, specify: /etc/postfix/main.cf: local_recipient_maps = That is, an empty value. With this setting, the Postfix SMTP server will not reject mail with "User unknown in local recipient table". DDoonn''tt ddoo tthhiiss oonn ssyysstteemmss tthhaatt rreecceeiivvee mmaaiill ddiirreeccttllyy ffrroomm tthhee IInntteerrnneett.. WWiitthh ttooddaayy''ss wwoorrmmss aanndd vviirruusseess,, PPoossttffiixx wwiillll bbeeccoommee aa bbaacckkssccaatttteerr ssoouurrccee:: iitt aacccceeppttss mmaaiill ffoorr nnoonn-- eexxiisstteenntt rreecciippiieennttss aanndd tthheenn ttrriieess ttoo rreettuurrnn tthhaatt mmaaiill aass ""uunnddeelliivveerraabbllee"" ttoo tthhee oofftteenn ffoorrggeedd sseennddeerr aaddddrreessss. WWhheenn yyoouu nneeeedd ttoo cchhaannggee tthhee llooccaall__rreecciippiieenntt__mmaappss sseettttiinngg iinn mmaaiinn..ccff * Problem: you don't use the default Postfix local(8) delivery agent for domains matching $mydestination, $inet_interfaces, or $proxy_interfaces. For example, you redefined the "local_transport" setting in main.cf. Solution: your local_recipient_maps setting needs to specify a database that lists all the known user names or addresses for that delivery agent. For example, if you deliver users in $mydestination etc. domains via the virtual(8) delivery agent, specify: /etc/postfix/main.cf mydestination = $myhostname localhost.$mydomain localhost ... local_transport = virtual local_recipient_maps = $virtual_mailbox_maps If you use a different delivery agent for $mydestination etc. domains, see the section "Local recipient table format" below for a description of how the table should be populated. * Problem: you use the mailbox_transport or fallback_transport feature of the Postfix local(8) delivery agent in order to deliver mail to non-UNIX accounts. Solution: you need to add the database that lists the non-UNIX users: /etc/postfix/main.cf local_recipient_maps = proxy:unix:passwd.byname, $alias_maps, See the section "Local recipient table format" below for a description of how the table should be populated. * Problem: you use the luser_relay feature of the Postfix local delivery agent. Solution: you must disable the local_recipient_maps feature completely, so that Postfix accepts mail for all local addresses: /etc/postfix/main.cf local_recipient_maps = LLooccaall rreecciippiieenntt ttaabbllee ffoorrmmaatt If you use local files in postmap(1) format, then local_recipient_maps expects the following table format: * In the left-hand side, specify a bare username, an "@domain.tld" wild-card, or specify a complete "user@domain.tld" address. * You have to specify something on the right-hand side of the table, but the value is ignored by local_recipient_maps. If you use lookup tables based on NIS, LDAP, MYSQL, or PGSQL, then local_recipient_maps does the same queries as for local files in postmap(1) format, and expects the same results. With regular expression tables, Postfix only queries with the full recipient address, and not with the bare username or the "@domain.tld" wild-card. NOTE: a lookup table should always return a result when the address exists, and should always return "not found" when the address does not exist. In particular, a zero-length result does not count as a "not found" result.