Join Log in
Score:0
avatar Server

Postfix stop all outgoing emails except exceptions

ca flag
Nifhel

In order to avoid spam sent from my server I'm trying to get Postfix to block all outgoing emails, except the ones sent from specific email address (like [email protected]), and allow all incoming emails to all addresses listed in a mysql db.

I managed to configure the imcoming part, but I'm struggling to block the outgoing emails.

How do I do that? Is there a way I can test if the server actually block outgoing emails? How do the spammers do? Can I check at the logs?

Edit. This is my current configuration:

compatibility_level = 3.6
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
unknown_local_recipient_reject_code = 550
debug_peer_level = 2
debugger_command =
         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
         ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /etc/postfix


readme_directory = /usr/share/doc/postfix/readme
inet_protocols = ipv4
meta_directory = /etc/postfix
shlib_directory = /usr/lib/postfix
maillog_file = /dev/stdout
myhostname = mydomain.com
mydomain = mydomain.com
mydestination = mydomain.com, localhost.localdomain, localhost
myorigin = $mydomain
relayhost = [smtp.gmail.com]:587
smtp_use_tls = yes
always_add_missing_headers = yes
smtp_host_lookup = native,dns
transport_maps = lmdb:/dockervolume/transport
virtual_alias_maps = proxy:mysql:/dockervolume/mysql-virtual_email2email.cf
virtual_mailbox_maps = proxy:mysql:/dockervolume/mysql-virtual_mailboxes.cf
local_recipient_maps = $virtual_mailbox_maps
local_transport = virtual
relay_domains = $mydomain
smtpd_banner = $mydomain
default_process_limit = 100
smtpd_client_connection_count_limit = 10
smtpd_client_connection_rate_limit = 10
queue_minfree = 20971520
header_size_limit = 51200
message_size_limit = 2097152
smtpd_recipient_limit = 5
disable_vrfy_command = yes
smtpd_helo_required = yes
mynetworks = 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16
smtp_tls_loglevel = 1
smtpd_tls_loglevel = 1
smtpd_client_message_rate_limit = 5
anvil_rate_time_unit = 120s
smtpd_client_recipient_rate_limit = 10
smtpd_tls_auth_only = yes
smtpd_delay_reject = yes
smtpd_helo_restrictions = permit
smtpd_error_sleep_time = 3s
smtpd_soft_error_limit = 10
smtpd_hard_error_limit = 20
default_destination_rate_delay = 2s
smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unknown_sender_domain, permit
smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, permit
24
0 + 0
anx avatar
fr flag
anx
The primary method of restricting *outgoing* mail to authorized users is identifying them from network address of authentication. Surely the spammer can fill the sender with the same value you are using, so your suggested solution may not solve your problem.
0
Reply
anx avatar
fr flag
anx
Well, what is your current postfix configuration? What have you tried? Restricting the acceptable envelope sender addresses is usually done via the `check_sender_access` facility in `smtpd_sender_restrictions`..
1
Reply
ca flag
Nifhel
@anx Thanks for your answer. I updated my question and added my current configuration
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.