Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Disable VRFY command in Postfix command #722

merged 1 commit into from May 17, 2019


None yet
2 participants
Copy link

commented May 10, 2019

The problem

Some server scan on internet each mail server and try to detect the email adress. After the email adress is found some spam are send.

The result is by example this :


Block the VRFY command in Postfix wich give the possibility to do that on the server.

PR Status

Tested and it work. But need to be tested more deeply. By example if it break something.

How to test

Enable the option disable_vrfy_command in the main postfix config.
Launch this:

# nc localhost 25
220 domain.tld Service ready
VRFY email@domain.tld
502 5.5.1 VRFY command is disabled


  • Principle agreement 0/2 :
  • Quick review 0/1 :
  • Simple test 0/1 :
  • Deep review 0/1 :

@alexAubin alexAubin added this to the 3.6.x milestone May 10, 2019

Copy link

left a comment


Asked to a friend who's a mail expert :

VRFY n'est normalement plus utilisé depuis longtemps (ça permet une attaque d'énumération des adresses par des spammers)


This comment has been minimized.

Copy link

commented May 14, 2019

Merging soon™

@alexAubin alexAubin merged commit f49b74f into stretch-unstable May 17, 2019

2 checks passed

continuous-integration/travis-ci/pr The Travis CI build passed
continuous-integration/travis-ci/push The Travis CI build passed

@alexAubin alexAubin deleted the disable_vrfy_command_postfix branch May 17, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.