On Wed, Sep 01, 2021 at 04:05:55PM -0400, Steve Dondley wrote:
> Thank you. Problem solved. For the benefit of others:
>
> 1) Add /etc/postfix/sender_checks file:
>
> amazonses.com OK
>
> 2) Add check to smtpd_recipient_restrictions config in main.cf:
>
> smtpd_recipient_restrictions = permit_mynetworks,
> permit_sasl_authenticated, reject_unauth_destination,
> check_sender_access hash:/etc/postfix/sender_checks check_policy_service
> unix:private/policyd-spf
>
> 3) postmap sender_checks and reload postfix.
I would have opted for "client" rather than "sender" checks, provided a
sufficiently stable/comprehensive range of source IP addresses for the
forwarding host were available.
--
Viktor.
