On 3/17/2012 9:48 AM, Jesper Dybdal wrote:
> Is there a simple way to put all outgoing mail (i.e., everything that
> would normally be processed by the default "smtp" instance) into the
> HOLD queue?
>
> The reason I would like to do that is that the IP address on which I run
> my little server is about to change, and I would like outgoing mail to
> be held until I am sure that the new address has a proper reverse DNS
> and is not in any problematic DNSBLs. I could also just block outgoing
> port 25 with a firewall rule, but using HOLD will give me better
> control: I can then release individual mails if I want to.
You can use a check_recipient_access map that puts everything
non-local on hold.
This needs to be the first rule in one of the smtpd_*_restrictions
sections so that all SMTP mail will be subjected to it. And, as a
guideline, you don't want rules of this sort in
smtpd_recipient_restrictions due to the danger of a typo mistake
making you an open relay.
Note that smtpd restrictions don't apply to mail submitted via the
sendmail(1) command line interface -- such as users with a login
shell, system/cron mail, sometimes webmail.
It would probably be prudent to do the firewall block until you see
where mail is going.
Also note that HOLD is a message-level restriction. If a message
has both local and non-local recipients, all will be put on HOLD.
# main.cf
smtpd_sender_restrictions =
check_recipient_access =
regexp:/etc/postfix/hold_outgoing.regexp
# hold_outgoing.regexp
/example\.com$/ DUNNO skip my domain
/^/ HOLD outgoing delivery suspended
-- Noel Jones
