Hoping someone could help me with this one, I'm sure it's simple but I don't know the term to google for...

I have an Ubuntu Postfix server effectively acting as an SMTP router, very dumb, with all our anti-relay and other governance being performed higher up the chain. I want to have it relay a certain domain(s) to specified smarthosts, with all others (*) to be forwarded to a default smarthost. I would prefer it to be without auth (as stated very dumb).

My main.cf is as follows;

Code:
# GENERAL
biff = no
append_dot_mydomain = no

# HOSTNAME
myhostname = smtp_router.internal.domain.com

# SINCE THIS IS AN EMAIL ROUTER IT IS ONLY MEANT TO FORWARD EMAIL
# SO DISABLE LOCAL MAIL DELIVERY BY SETTING TO EMPTY
mydestination =
local_recipient_maps =
local_transport = error: local main delivery disabled

# NETWORKS ALLOWS TO RELAY THROUGH THIS GATEWAY
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128

# DOMAINS FOR WHICH THIS GATEWAY WILL ACCEPT EMAILS
relay_domains = $myhostname, hash:/etc/postfix/relay_domains

# WHAT THE GATEWAY WILL ACCEPT FOR THE RCPT TO
smtp_recipient_restrictions = permit_mynetworks

# RELAY MAPPINGS PER DOMAIN
transport_maps = hash:/etc/postfix/transport

# GENERAL
message_size_limit = 50480000
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

My relay_domains is (example);

Code:
domaina.com OK
domainb.com OK
domainc.com OK

My transport is (example);

Code:
domaina.com smtp:server.domaina.com
domainb.com smtp:server.domainb.com
domainc.com smtp:server.domainc.com

and everything works as expected, however I can't figure out how to wildcard any other domain (@gmail.com etc) to serverx.domainx.com.

I have removed put a wildcard in relay_domains (both main.cf and the db) and transport, added a relayhost after relay_domains, found a reference to default_relayhost - nothing worked.

Can anyone point me in the right direction?

Cheers
Aaron
I was so caught in the secure way I forgot the insecure way. Note this is not recommended for an external smtp server - this is purely for an internal smtp "router". Note this conf is without authentication due to the dumb devices using it.

The main.cf should look like;

Code:
#SMTP BANNER
smtpd_banner = ESMTP

# GENERAL
biff = no
append_dot_mydomain = no

# HOSTNAME
myhostname = smtp_router.internal.domain.com

# DISABLE LOCAL MAIL DELIVERY BY SETTING TO EMPTY
mydestination =
local_recipient_maps =
local_transport = error: local main delivery disabled

# ALLOWS TO RELAY THROUGH THIS GATEWAY
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 XXX.XXX.XXX.XXX/24 XXX.XXX.XXX.XXX/8
smtpd_recipient_restrictions =
    permit_mynetworks
    check_sender_access hash:/etc/postfix/sender_access
    reject_unauth_destination

# RELAY MAPPINGS PER DOMAIN
transport_maps = hash:/etc/postfix/transport

# GENERAL
message_size_limit = 50480000
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

where XXX.XXX.XXX.XXX/24 is a subnet you wish to allow to relay, or XXX.XXX.XXX.XXX/8 is a specific IP Address to allow.

The /etc/postfix/sender_access should contain;

Code:
senderdomain.com OK

where senderdomain.com is a domain name you wish to allow to relay through this host, therefore the sending address needs to be something like [email protected]. Remember to run "postmap /etc/postfix/sender_access" after setting this file.

The /etc/postfix/transport should contain;

Code:
domaina.com smtp:smtp.domaina.com
domainb.com smtp:smtp.domainb.com
* smtp:smtp.domain.com

This allows you to specify specific internal hosts for domaina and domainb, whilst the default (anything else) will route via your standard smtp.domain.com. As before, run "postmap /etc/postfix/transport" after setting this file.

Reload postfix and you should have a flexible smtp router.
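
Added example, not part of the posts in this thread and not Postfix code: a simplified Python model of the transport(5) lookup order, run against the transport table from the reply above, to show which entry wins for a given recipient. It goes slightly beyond the post by also modelling full-address keys and `.parent` keys; the recipient addresses are constructed, address-extension lookups are left out, and the default `parent_domain_matches_subdomains` setting is assumed.

```python
# Added example: simplified model of Postfix transport(5) lookups.
# TRANSPORT is the table from the reply above; recipients are constructed.
TRANSPORT = """\
domaina.com  smtp:smtp.domaina.com
domainb.com  smtp:smtp.domainb.com
*            smtp:smtp.domain.com
"""

def parse_table(text):
    """Parse 'key whitespace value' lines; '#' lines and blanks are skipped."""
    table = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, value = line.split(None, 1)
        table[key.lower()] = value.strip()
    return table

def candidates(recipient):
    """Yield lookup keys from most to least specific, ending with '*'."""
    recipient = recipient.lower()
    domain = recipient.rsplit("@", 1)[1]
    yield recipient                      # user@domain
    yield domain                         # exact domain
    rest = domain
    while "." in rest:                   # .parent keys match subdomains only
        rest = rest.split(".", 1)[1]
        yield "." + rest
    yield "*"                            # wildcard: any address

def resolve(table, recipient):
    """Return (matched_key, transport, nexthop, mx_lookup) or None."""
    for key in candidates(recipient):
        if key in table:
            transport, _, nexthop = table[key].partition(":")
            # A bare host name is resolved via MX records; [host] is not.
            return key, transport, nexthop, not nexthop.startswith("[")
    return None

if __name__ == "__main__":
    table = parse_table(TRANSPORT)
    for rcpt in ("bob@domaina.com", "eve@mail.domainb.com", "amy@gmail.com"):
        print(rcpt, "->", resolve(table, rcpt))
```

In this model a recipient at mail.domainb.com does not match the `domainb.com` entry and falls through to `*`, because subdomains are only covered by a `.domainb.com` key.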

So how would you do this the secure way? I have my relay going to an Office 365 server that needs its authentication info. I have my relayhost pointing to the 365 server followed by all the authentication info. This works fine. What I want to do is push other email through the same relay, allowing all emails to route to their normal destinations (Yahoo, Gmail) EXCEPT the emails that should be going to the 365 server, which those emails would utilize the entered relayhost and use its authentication info. I think it's all in the transport file but I am not sure how to type that up.