On 2021-10-17 Dan Mahoney (Gushi) wrote: > I've wondered this a while. It seems the old Sendmail access maps, and > following that postfix have managed to allow you to apply a rule on things > like: > > CONNECTED VIA specific IP. > FROM a specific mailbox > TO a specific mailbox > > But never more than one of these. > > Is there any easy way in postfix to say things like "Block all gmail.com > addresses for stuff sent to i...@dayjob.com"?
You can do that with restriction classes, but setting those up is a bit convoluted, unfortunately. First create a file where you reject the undesired sender, e.g. /etc/postfix/foo.pcre: ----8<---- /@g(oogle)?mail\.com$/ REJECT ---->8---- Next create a restriction class and add it to smtpd_restriction_classes in your main.cf: ----8<---- smtpd_restriction_classes = rc_bar rc_bar = check_sender_access pcre:/etc/postfix/foo.pcre ---->8---- Then point the recipient mail address to the restriction class (e.g. in a file /etc/postfix/baz): ----8<---- i...@dayjob.com rc_bar ---->8---- The example above is for an access map, so it must be compiled into a database via `postmap /etc/postfix/baz`. Lastly add the recipient check to smtpd_recipient_restrictions (again in your main.cf): ----8<---- smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated ... check_recipient_access hash:/etc/postfix/baz ---->8---- I'm using a PCRE table for the sender match and an access map for the recipient match because that worked best for my use cases, but other table combinations should work as well. Regards Ansgar Wiechers -- "Abstractions save us time working, but they don't save us time learning." --Joel Spolsky
