Howto configure Postfix to relay messages from a specific email address

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Howto configure Postfix to relay messages from a specific email address

phep
Hi,

Let's say my domain is example.com. We have a bunch of servers that are
authorised to use our SMTP server to relay their mail to the outside with
something like :

mynetworks: 192.168.250.0/24

So far, so good.

Now I have a sister organisation with domain example2.com that operates a
web app than needs to send mail through our Postfix server and I want to
relay mails sent from this web app provided the messages sender meets a
specific email address (say [hidden email]).

How can I do that in main.cf ? Simply adding the web app server IP to
mynetworks would not do the trick since I'd rather not relay any email
traffic from this server, only this webapp messages (notwithstanding fake
headers).

I read through smtpd_reject_unlisted_recipient and smtpd_relay_restrictions
documentation but could not figure out how to do it.

Thanks in advance,

phep
Reply | Threaded
Open this post in threaded view
|

RE: Howto configure Postfix to relay messages from a specific email address

Fazzina, Angelo
Hi, I use postfix version 2.6 or 2.10 I forget

Can you test setting these settings ?
In main.cf

#relay_domains = test.uconn.edu $mydestination
#relay_recipient_maps = hash:/etc/postfix/relay_recipients

tfix]# more relay_recipients
[hidden email] OK



Not sure is   virtual_alias_domains setting may help you as well ?

Good Luck.

-ANGELO FAZZINA

ITS Service Manager:
Spam and Virus Prevention
Mass Mailing
G Suite/Gmail

[hidden email]
University of Connecticut,  ITS, SSG, Server Systems
860-486-9075

-----Original Message-----
From: [hidden email] [mailto:[hidden email]] On Behalf Of phep
Sent: Tuesday, March 20, 2018 9:42 AM
To: [hidden email]
Subject: Howto configure Postfix to relay messages from a specific email address

Hi,

Let's say my domain is example.com. We have a bunch of servers that are
authorised to use our SMTP server to relay their mail to the outside with
something like :

mynetworks: 192.168.250.0/24

So far, so good.

Now I have a sister organisation with domain example2.com that operates a
web app than needs to send mail through our Postfix server and I want to
relay mails sent from this web app provided the messages sender meets a
specific email address (say [hidden email]).

How can I do that in main.cf ? Simply adding the web app server IP to
mynetworks would not do the trick since I'd rather not relay any email
traffic from this server, only this webapp messages (notwithstanding fake
headers).

I read through smtpd_reject_unlisted_recipient and smtpd_relay_restrictions
documentation but could not figure out how to do it.

Thanks in advance,

phep
Reply | Threaded
Open this post in threaded view
|

Re: Howto configure Postfix to relay messages from a specific email address

Matus UHLAR - fantomas
In reply to this post by phep
On 20.03.18 14:41, phep wrote:

>Let's say my domain is example.com. We have a bunch of servers that
>are authorised to use our SMTP server to relay their mail to the
>outside with something like :
>
>mynetworks: 192.168.250.0/24
>
>So far, so good.
>
>Now I have a sister organisation with domain example2.com that
>operates a web app than needs to send mail through our Postfix server
>and I want to relay mails sent from this web app provided the
>messages sender meets a specific email address (say
>[hidden email]).
>
>How can I do that in main.cf ? Simply adding the web app server IP to
>mynetworks would not do the trick since I'd rather not relay any
>email traffic from this server, only this webapp messages
>(notwithstanding fake headers).
>
>I read through smtpd_reject_unlisted_recipient and
>smtpd_relay_restrictions documentation but could not figure out how
>to do it.

configure SMTP authentication instead of playing with this.

--
Matus UHLAR - fantomas, [hidden email] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I wonder how much deeper the ocean would be without sponges.
Reply | Threaded
Open this post in threaded view
|

Re: Howto configure Postfix to relay messages from a specific email address

Benny Pedersen-2
In reply to this post by phep
phep skrev den 2018-03-20 14:41:

> How can I do that in main.cf ? Simply adding the web app server IP to
> mynetworks would not do the trick since I'd rather not relay any email
> traffic from this server, only this webapp messages (notwithstanding
> fake headers).

possible add sasl auth to the webapp client ?

thats what roundcube does by default on localhost
Reply | Threaded
Open this post in threaded view
|

Re: Howto configure Postfix to relay messages from a specific email address

Viktor Dukhovni
In reply to this post by phep


> On Mar 20, 2018, at 9:41 AM, phep <[hidden email]> wrote:
>
> Now I have a sister organisation with domain example2.com that operates a web app than needs to send mail through our Postfix server and I want to relay mails sent from this web app provided the messages sender meets a specific email address (say [hidden email]).
>
> How can I do that in main.cf ? Simply adding the web app server IP to mynetworks would not do the trick since I'd rather not relay any email traffic from this server, only this webapp messages (notwithstanding fake headers).
>
> I read through smtpd_reject_unlisted_recipient and smtpd_relay_restrictions documentation but could not figure out how to do it.

http://www.postfix.org/RESTRICTION_CLASS_README.html

--
        Viktor.

Reply | Threaded
Open this post in threaded view
|

Re: Howto configure Postfix to relay messages from a specific email address

@lbutlr
In reply to this post by phep
On 2018-03-20 (07:41 MDT), phep <[hidden email]> wrote:
>
> Let's say my domain is example.com. We have a bunch of servers that are authorised to use our SMTP server to relay their mail to the outside with something like :
>
> mynetworks: 192.168.250.0/24
>
> So far, so good.

I disagree. Allowing unauthenticated processes to send mail just because they are on you LAN is a bad thing.

--
Personal isn't the same as important. What sort of person could think
like that? And it dawned on him that while Ankh in the past had had its
share of evil rulers, and simply bad rulers, it had never yet come under
the heel of a good ruler. That might be the most terrifying prospect of
all. --Men at Arms