On 11 April 2018 at 03:27, Alex <mysqlstud...@gmail.com> wrote: > Hi, > I have a postfix-3.1.4 installation and have been given a request to > block all incoming mail from all but a single specific domain and > block all outgoing mail with the exception of only that same single > specific domain. > > Mail is received by a relay server, mail01.example.com, then forwarded > to a pop/imap server, host1.example.com on the same network. We wish > to reject all inbound mail with the exception of host2.example.com > from being received by host1.example.com. We also wish to reject all > outbound mail on host2.example.com from being sent unless it is > destined for host1.example.com. > > host2.example.com is also using postfix-3.1.4. > > How would I go about doing that? I thought I could configure a > check_sender_access restriction, list host2.example.com as "ok" then > reject everything else: > > host2.example.com OK > * 554 REJECT > > For host2.example.com, users send mail using either submission or > webmail which talks to postfix on localhost/25. I believe this would > be a smtpd recipient restriction? >
Put these entries in a client-based, not sender-based, restriction e.g. check_client_access hash:/etc/postfix/client_access This could appear in any of the restriction lists, including smtpd_recipient_restrictions. The first restriction list processed, I believe, is smtpd_client_restrictions.