Blocking an address from submission mail

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Blocking an address from submission mail

@lbutlr
How would I go about blocking mail to a valid address if it is sent from a user on my postfix mail server.

For example, let’s say I have [hidden email] and that address is only for people outside to send mail to, so when a local user or a user in virtual. (Those users have to use submission ports 587 or 465) send a mail to that address, I would like it to be rejected with a message like "REJECT This email not for internal use".

And is the answer different if example.com is on a different server but I still don’t want users on this mail server so be able to send email to it?

How about if there is a specific list of users who are not allowed to send mail to that email address?

(Trying to cover all the bases here)



--
Tina... homecoming is spelled c *O* m

Reply | Threaded
Open this post in threaded view
|

Re: Blocking an address from submission mail

Bill Cole-3
On 4 Oct 2019, at 21:33, @lbutlr wrote:

> How would I go about blocking mail to a valid address if it is sent
> from a user on my postfix mail server.
>
> For example, let’s say I have [hidden email] and that address
> is only for people outside to send mail to, so when a local user or a
> user in virtual. (Those users have to use submission ports 587 or 465)
> send a mail to that address, I would like it to be rejected with a
> message like "REJECT This email not for internal use".

A check_recipient_access map that is only used for the in the
submission/smtps services would do the trick. i.e. add an additional
override in master.cf like  "-o
smtpd_recipient_restrictions=[...],check_recipient_access
hash:/etc/postfix/remote_only,[...]"

> And is the answer different if example.com is on a different server
> but I still don’t want users on this mail server so be able to send
> email to it?

Nope.

> How about if there is a specific list of users who are not allowed to
> send mail to that email address?

Use a restriction class: see the RESTRICTION_CLASS_README. That would
also work for the simpler case if you don't want to fiddle in master.cf.

--
Bill Cole
[hidden email] or [hidden email]
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)