[Dovecot] Why deliver+usercheck? deliver+MTA?
lukashaase at gmx.at
Wed Oct 13 12:32:50 EEST 2010
I successfully configured dovecot using virtual users (and LDAP/AD).
deliver is the LDA and verifies if the user exists (as recommended in
However, the howtos in the Wiki say *nothing* about the case that the
recipients should be verified *before* receiving the messages (prevent
backscatter, ...). All configurations in the dovecot-Wiki (postfix and
exim) just accept the mails and pass them to deliver. Also, all howtos
which I found on the web. If the user does not exist, the mail is
bounced because the mail was already accepted by the MTA. Nowadays this
is an unacceptable configuration!
Is there a special reason why there is no discussion about this?
However, as postfix seems to be really too unflexible I have set up exim
to handle incoming mail and do the usercheck in the router (with an LDAP
query). But now the user is doubled-checked: Once when receiving with
exim and a second time in deliver. This is not necessary, so I guess I
can disable the LDAP query for deliver and set up a static userdb.
Why does the Wiki recommened to verfify with deliver when the user needs
to be checked at the MTA anyway?
More information about the dovecot