Acceptalladdresses, acceptvalidaddresses Channel Options
Envelope recipient validity checks (
When specified on a source channel, the
acceptalladdresses option causes all envelope recipient addresses to be accepted unconditionally. Rather than returning errors during the SMTP session, a delivery status notification, or DSN, will be returned later if the message cannot be delivered to the specified recipient. With
acceptalladdresses, various sorts of normally "invalid: recipient addresses will be accepted: syntactically invalid addresses, addresses of local users with problematic status (such as being "over quota" or "disabled" -- see the
ldap_domain_attr_mail_status MTA options), and recipients of messages that fail message acceptability checks. Relevant message acceptability checks include checking on whether a message: exceeds a configured sensitivity limit, or contains unnegotiated eight bit data (on a source channel marked
utf8strict), or contains too-long-for-SMTP lines (on a source channel marked
rejectsmtplonglines), or exceeds a configured message size limit (such as
alias_blocklimit, or [BLOCKLIMIT]) or message line limit (such as
alias_linelimit, or [LINELIMIT]) when the excessive size is detected after the DATA stage, or is entirely lacking in recipient header lines (on a source channel marked
missingrecipientpolicy 6, or if the MTA option
missing_recipient_policy=6 is set), or is rejected via the
AUTH_REWRITE mapping table. Setting
acceptalladdresses will also disable the SMTP protocol level rejection feature of the Sieve "
refuse" action; with
acceptalladdresses, addresses to be rejected due to application of a "
reject" action will be accepted during the SMTP dialogue, and instead a subsequent non-delivery DSN generated.
In contrast, setting the
acceptvalidaddresses option on a source channel causes all envelope recipient addresses to be validated prior to being accepted by the MTA. If an address fails to validate, an appropriate error will be returned to the client during the SMTP dialogue.
acceptvalidaddresses is the default.
Note that the MTA's default,
acceptvalidaddresses, behavior is normally far preferable to
acceptalladdresses: rejecting invalid addresses and messages "up front" rather than accepting them initially only to have to generate and send back a non-delivery notification later has advantages that should hardly need to be pointed out, including:
- Less work for the MTA. The reductions in work are in several areas, including: less processing required on incoming messages (in cases where a recipient address can be detected as invalid), less work generating non-delivery notification messages, less work attempting to deliver non-delivery notification messages, etc.
- Less network bandwidth required.
- Due to the above two points, less potential impact on throughput of other, valid, messages.
- Immediate (via an SMTP error) notification to e-mail clients of the error in their message, rather than a delayed notification via DSN.
- Avoiding "blow-back" spam, in cases of so-called "joe-job" (forged envelope From) spam.
acceptalladdresses can sometimes be useful in certain limited cases, such as when attempting to support poorly designed e-mail clients that fail to report SMTP errors correctly to the user. In such cases a DSN, while providing only a delayed indication rather than an immediate indication of an address or message problem, may be the only way to convey the MTA's accurate error information to the user. So appropriate use of
acceptalladdresses tends to be restricted to cases of special incoming TCP/IP channels dedicated for submission of messages by applications or user e-mail clients with known limitations;
*switchchannel effects, or else channels associated with special Dispatcher services listening on special ports or interface addresses, are features typically used for setting up such special channels.
Unconditional address acceptance (
acceptalladdresses) should be used with extreme care; in particular, it should never be used on a source channel that accepts unauthenticated transactions from the Internet. The problem with such usage is that spammers will attempt to send mail to invalid addresses, which will be accepted and later result in a DSN being returned. Since envelope From addresses on spam are commonly forged, this will turn the system into a major source of blowback spam and is likely to result in blacklisting and other operational issues.
These options were first added in MS 6.1.
Compare with the (new in 184.108.40.206.0)
defertemporaryfailures channel options.
- Notification messages
- ldap_user_mail_status MTA Option
- ldap_group_mail_status MTA Option
- ldap_domain_attr_mail_status Option
- sensitivitycompanyconfidential Option
- eightstrict Option
- utf8strict Option
- rejectsmtplonglines Option
- blocklimit Option
- sourceblocklimit Option
- block_limit MTA Option
- ldap_blocklimit MTA Option
- ldap_sourceblocklimit MTA Option
- ldap_maximum_message_size MTA Option
- ldap_domain_attr_blocklimit MTA Option
- ldap_domain_attr_sourceblocklimit MTA Option
- linelimit Option
- line_limit MTA Option
- alias_blocklimit Option
- alias_linelimit Option
- Alias file named parameters
- missingrecipientpolicy Option
- missing_recipient_policy MTA Option
- AUTH_REWRITE mapping table
- Sieve ereject and reject and refuse extensions
- Service group
- tcp_ports Option
- listenaddr Option
- accepttemporaryfailures Option
- defertemporaryfailures Option
- Addresses channel options
- Channel options