POSTFIX: relay one domain to smarthost A, all else to smarthost B

Discussion in 'Server Operation' started by arboundy, Aug 26, 2013.

  1. arboundy

    arboundy New Member

    Hoping someone could me with this one, Im sure its simple but I dont know the term to google for...

    I have an Ubuntu Postfix server effectively acting as an SMTP router, very dumb, with all our anti-relay and other governance being performed higher up the chain.

    I want to have it relay a certain domain(s) to specified smarthosts, with all others (*) to be forward to a default smarthost. I would prefer it to be without auth (as stated very dumb).

    My main.cf is as follows;

    Code:
    # GENERAL
      biff = no
      append_dot_mydomain = no
    # HOSTNAME
      myhostname = smtp_router.internal.domain.com
    # SINCE THIS IS AN EMAIL ROUTER IT IS ONLY MEANT TO FORWARD EMAIL 
    # SO DISABLE LOCAL MAIL DELIVERY BY SETTING TO EMPTY
      mydestination =
      local_recipient_maps =
      local_transport = error: local main delivery disabled
    # NETWORKS ALLOWS TO RELAY THROUGH THIS GATEWAY
      mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
    # DOMAINS FOR WHICH THIS GATEWAY WILL ACCEPT EMAILS
      relay_domains = $myhostname, hash:/etc/postfix/relay_domains
    # WHAT THE GATEWAY WILL ACCEPT FOR THE RCPT TO
      smtp_recipient_restrictions = permit_mynetworks
    # RELAY MAPPINGS PER DOMAIN
      transport_maps = hash:/etc/postfix/transport
    # GENERAL
      message_size_limit = 50480000
      mailbox_size_limit = 0
      recipient_delimiter = +
      inet_interfaces = all
    My relay_domains is (example);

    Code:
    domaina.com OK
    domainb.com OK
    domainc.com OK
    My transport is (example);

    Code:
    domaina.com		smtp:server.domaina.com
    domainb.com		smtp:server.domainb.com
    domainc.com		smtp:server.domainc.com
    and everything works as expected, however I cant figure out how to wildcard any other domain (@gmail.com etc) to serverx.domainx.com. I have removed put a wildcard in relay_domains (both main.cf and the db) and transport, added a relayhost after relay_domains, found a reference to default_relayhost - nothing worked.

    Can anyone point me in the right direction?

    Cheers

    Aaron
     
  2. arboundy

    arboundy New Member

    I was so caught in the secure way I forgot the insecure way. Note this is not recommended for an external smtp server - this is purely for an internal smtp "router". Note this conf is without authentication due to the dumb devices using it.

    The main.cf should look like;

    Code:
    #SMTP BANNER
    smtpd_banner = ESMTP
    
    # GENERAL
    biff = no
    append_dot_mydomain = no
    
    # HOSTNAME
    myhostname = smtp_router.internal.domain.com
    
    # DISABLE LOCAL MAIL DELIVERY BY SETTING TO EMPTY
    mydestination =
    local_recipient_maps =
    local_transport = error: local main delivery disabled
    
    # ALLOWS TO RELAY THROUGH THIS GATEWAY
    mynetworks = 127.0.0.0/8 
      [::ffff:127.0.0.0]/104
      [::1]/128 
      XXX.XXX.XXX.XXX/24
      XXX.XXX.XXX.XXX/8
    smtpd_recipient_restrictions =
      permit_mynetworks
      check_sender_access hash:/etc/postfix/sender_access
      reject_unauth_destination
    
    # RELAY MAPPINGS PER DOMAIN
    transport_maps = hash:/etc/postfix/transport
    
    # GENERAL
    message_size_limit = 50480000
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    where XXX.XXX.XXX.XXX/24 is a subnet you wish to allow to relay, or XXX.XXX.XXX.XXX/8 is a specific IP Address to allow.

    The /etc/postfix/sender_access should contain;

    Code:
    senderdomain.com OK
    where senderdomain.com is a domain name you wish to allow to relay through this host, therefore the sending address needs to be something like [email protected]. Remember to run "postmap /etc/posfix/sender_acess" after setting this file.

    The /etc/postfix/transport should contain;

    Code:
    domaina.com  smtp:smtp.domaina.com
    domainb.com  smtp:smtp.domainb.com
    *            smtp:smtp.domain.com
    This allows you to specify specific internal hosts for domaina and domainb, whist the default (anything else) will route via your standard smtp.domain.com.

    As before, run run "postmap /etc/posfix/transport" after setting this file.

    Reload postfix and you should have a flexible smtp router.
     
  3. Traced

    Traced New Member

    So how would you do this the secure way? I have my relay going to an office 365 server that needs its authentication info. I have my relayhost pointing to the 365 server followed by all the authentication info. This works fine. What I want to do is push other email through the same relay, allowing all emails to route to their normal destinations (Yahoo, Gmail) EXCEPT the emails that should be going to the 365 server, which those emails would utilize the entered relayhost and use its authentication info. I think its all in the transport file but I am not sure how to type that up.
     
    Last edited: Dec 17, 2013

Share This Page