Postfix restrict recipients


Solution 1

A check_mumble_access table will never return a default value of REJECT; the fallthrough default is always DUNNO, meaning it will check the rest of the restrictions.

You also don't want to return OK for all domains you wish to allow, since that does not check the rest of the restrictions.

You should set up submission on port 587 with SASL and TLS to submit mail to the postfix machine; this dedicated listener can then allow traffic only to the one domain.

Failing that, you will have to create a restriction_class for it, so that the permit checks are dependent on the recipient (domain) AND the sender (domain).

This is a non-trivial exercise.
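A simplified Python model of the first-match evaluation described in this answer (an added example, not part of the original answers and not Postfix code). It shows why the question's restriction list, and its reordered variant, still permit any recipient for a client in mynetworks, and how a restriction class limits sending to listed domains. The class name `allowed_dest`, the sample addresses and the reduced rule lists are assumptions.

```python
# Added illustration: a simplified model of Postfix's first-match evaluation.
# Not Postfix code; the addresses and the class name "allowed_dest" are constructed.
OK, REJECT, DUNNO = "OK", "REJECT", "DUNNO"

def domain_lookup(table, address):
    """access(5)-style lookup: the domain, then its parent domains; a miss is DUNNO."""
    labels = address.rsplit("@", 1)[-1].lower().split(".")
    for i in range(len(labels)):
        hit = table.get(".".join(labels[i:]))
        if hit:
            return hit
    return DUNNO

def evaluate(restrictions, session, classes):
    """Walk the list in order; the first OK or REJECT ends the evaluation."""
    for r in restrictions:
        if r == "reject":
            return REJECT
        if r == "permit_mynetworks":
            result = OK if session["in_mynetworks"] else DUNNO
        else:  # ("check_recipient_access", table)
            result = domain_lookup(r[1], session["rcpt"])
            if result in classes:  # the table value names a restriction class
                result = evaluate(classes[result], session, classes)
        if result != DUNNO:
            return result
    return DUNNO  # nothing decided

# The question's list (reduced to the relevant entries) and its reordered variant.
ASKED = ["permit_mynetworks", ("check_recipient_access", {"domain.com": OK}), "reject"]
SWAPPED = [("check_recipient_access", {"domain.com": OK}), "permit_mynetworks", "reject"]

# Allow-list variant: listed domains get the normal client checks; every other
# recipient reaches the final "reject" before any permit_* rule is consulted.
CLASSES = {"allowed_dest": ["permit_mynetworks", "reject"]}
ALLOW_ONLY = [("check_recipient_access", {"domain.com": "allowed_dest"}), "reject"]

def decide(restrictions, rcpt, in_mynetworks):
    session = {"rcpt": rcpt, "in_mynetworks": in_mynetworks}
    return evaluate(restrictions, session, CLASSES)

if __name__ == "__main__":
    for name, rules in [("asked", ASKED), ("swapped", SWAPPED), ("allow-only", ALLOW_ONLY)]:
        for rcpt in ["bob@domain.com", "eve@elsewhere.example"]:
            print(name, rcpt, decide(rules, rcpt, in_mynetworks=True))
```

In the model, a plain `OK` in the recipient table also permits a client outside mynetworks, which is the skipped-checks problem described above.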

Solution 2

/etc/postfix/main.cf:
    smtpd_recipient_restrictions =
        check_recipient_access hash:/etc/postfix/protected_destinations
        ...the usual stuff...

    smtpd_restriction_classes = insiders_only
    insiders_only = check_sender_access hash:/etc/postfix/insiders, reject

/etc/postfix/protected_destinations:
    [email protected]   insiders_only
    [email protected] insiders_only

/etc/postfix/insiders:
    my.domain       OK  matches my.domain and subdomains
    another.domain  OK  matches another.domain and subdomains

Taken from here: http://vicky2183.wordpress.com/2010/07/09/postfix-per-recipient-sender-restrictions/

I used such a setup a few years ago. I restricted local recipients to send and also receive emails only from allowed destinations.

Author by

Eleven-Two

Updated on September 18, 2022

Comments

  • Eleven-Two almost 2 years

    How can I configure Postfix to allow sending to a certain (external) domain only?

    I'm already using check_recipient_access. Content of my /etc/postfix/recipients_restrictions:

    domain.com OK
    

    My (current) configuration:

    smtpd_recipient_restrictions =
                            permit_mynetworks,
                            check_recipient_access hash:/etc/postfix/recipients_restrictions,
                            permit_sasl_authenticated,
                            reject_unknown_recipient_domain,
                            reject_unauth_destination,
                            reject
    

    I have already tried to switch permit_mynetworks and check_recipient_access. If I create an entry like "baddomain.com REJECT" in the recipients_restrictions file, it works fine. I found out there is no way to create a wildcard for "Reject" in this file (please correct me if I'm wrong).

    I want this server to send to addresses for a few domains only and restrict it from sending any mail to any other domain as a matter of security.