On 5/24/2021 8:11 PM, Alex wrote:
Hi,
Is it possible to implement body checks and header checks on a
per-domain basis? I'd like to reject mail from domain1.com for one
domain while allowing it to another.
Currently I have the following:
header_checks = regexp:$config_directory/header_checks
pcre:$config_directory/header_checks.pcre
body_checks = regexp:$config_directory/body_checks
regexp:$config_directory/body_checks.pcre
relay_domains = $mydestination, example1.com, example2.com
Perhaps it's something that can be done with the regexp itself?
Not possible with header or body checks, which are essentially global.
If you have multiple external IPs, you could use multiple postfix
instances, one for each domain, each with their own header/body checks.
http://www.postfix.org/MULTI_INSTANCE_README.html
For rejecting unwanted mail, usually a check_sender_access map is a
better choice than header/body checks. You can use restriction
classes for a limited number of domain/block pairs. This gets
unmaintainable past a couple dozen domains, but works great and easy
for a handful.
http://www.postfix.org/RESTRICTION_CLASS_README.html
A suitable external policy service could also do this.
http://www.postfix.org/SMTPD_POLICY_README.html
Usually postfwd is recommended as a good general-purpose policy
service, maybe there's another that would suit your needs better.
http://www.postfix.org/addon.html#policy
-- Noel Jones
