On Sat, Jan 25, 2025 at 10:06:36AM +0100, Tomasz Pala via Postfix-users wrote:
> > Emails are permitted to be sent between all three domains.
>
> I would try:
>
> master.cf:
> smtpd [...]
>   -o virtual_mailbox_domains=example.com,example.org

This does not do what you think it does, because the classification of
addresses into address classes happens in the trivial-rewrite service,
not in smtpd(8). Best to not jump-in and reply with "I would try", if
you don't actually have an answer.

> main.cf:
> virtual_mailbox_domains=example.com,example.org,example.internal

To effect access control, access(5) checks should be used.

On Sat, Jan 25, 2025 at 10:15:57AM +0100, Tomasz Pala via Postfix-users wrote:
> If that doesn't work - different approach, using only restrictions,
> e.g.
>
> smtpd_recipient_restrictions = permit_mynetworks [...]
>   reject_unauth_destination
>   check_recipient_access hash:/etc/$config_directory/my_domains

This is closer, but the OP's main problem is stopping internal senders
from reaching the public Internet. For that it would be appropriate to
know how and whether internal senders are actually authenticated when
submitting new messages. And are particular users always in a particular
domain, or do they wear multiple hats with some mail authorised to be
sent, and some not from the very same user.

Restricting outbound mail is best handled at submission, rather than on
gateway systems, where the envelope sender may not accurately reflect
who is sending the mail, or in what capacity.

The relevant access(5) primitive is: "check_sender_access", and one may
be able to set an "action" for some envelope sender domains that is
"reject_unauth_destination". But without a better problem statement, it
is unclear whether this is the right approach.

--
    Viktor.
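
The check_sender_access approach named in the reply above, written out as a configuration sketch. This is an added example, not configuration posted in the thread: the table path /etc/postfix/internal_senders and the choice of example.internal as the restricted sender domain are assumptions.

```ini
# --- /etc/postfix/main.cf (fragment) -------------------------------------
# Address classes are defined here, in main.cf, as in the quoted suggestion.
# These are the domains this server accepts as final destination.
virtual_mailbox_domains = example.com, example.org, example.internal

# Look up the envelope sender (MAIL FROM) in an access(5) table.
# With smtpd_delay_reject = yes (the default) this list is evaluated at
# RCPT TO, so the recipient is already known when the table action runs.
# A "permit" from permit_mynetworks in another restriction list does not
# skip this list: every list is evaluated, and a reject in any one rejects.
smtpd_sender_restrictions =
    check_sender_access hash:/etc/postfix/internal_senders

# --- /etc/postfix/internal_senders (assumed path) ------------------------
# Run "postmap /etc/postfix/internal_senders" after every edit.
#
# The right-hand side is the name of a restriction, which access(5) allows
# as an action. For envelope senders in example.internal (assumed to be the
# domain that must not reach the Internet), a recipient is rejected unless
# its domain is one this server is the final destination for or relays to,
# that is, the three domains listed above.
example.internal    reject_unauth_destination

# Senders in example.com and example.org have no entry, so the lookup
# returns nothing for them and evaluation continues with the remaining
# restriction lists unchanged.
```

The lookup keys on the envelope sender only, so it is a meaningful control only where, as the reply notes, submission authenticates senders and the envelope sender reflects who is actually sending.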