Release 6.0.5_GA_2213.RHEL5_64_20100203001950 CentOS5_64 FOSS edition.
I've discovered something odd: if I connect from a local client, any rcpt to is accepted, valid or not; if I connect from a non-local client, invalid addresses in hosted domains are properly rejected.
The impact is to our spam filter, which validates addresses based on the rcpt to response: if it looks like a valid account, it creates its own account for quarantine, settings, etc, and thus a domain with a hundred or so users ends up with 28000 accounts in the spam filter... It also seems like it makes it a backscatter source...
It appears that the order is wrong in the postfix main.cf:
smtpd_recipient_restrictions = reject_non_fqdn_recipient, permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_unlisted_recipient, reject_invalid_hostname, reject_non_fqdn_sender, permit
It seems like reject_unlisted_recipient (actually, all the rejects except for unauth_dest) should come before the permits.