Hi, I was wondering if someone has accomplish what im trying to do? So I have been working with postfix Email server for a while seems to be running great, I wanted to implement that some users can only send to thier domain (internal emails only) but cannot send outside or certain domains but for the sake of it only internal emails I have been trying to follow this guide So after following this I am able to restrict but only works though squirrel mail but not on outlook which makes no sense This is my Main.cf Code: # See /usr/share/postfix/main.cf.dist for a commented, more complete version # Debian specific: Specifying a file name will cause the first # line of that file to be used as the name. The Debian default # is /etc/mailname. #myorigin = /etc/mailname smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) biff = no # appending .domain is the MUA's job. append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h readme_directory = no # TLS parameters smtpd_tls_cert_file = /etc/ssl/certs/server.crt smtpd_tls_key_file = /etc/ssl/private/server.key smtpd_use_tls=yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for # information on enabling SSL in the smtp client. smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination myhostname = mail.telsatco.com alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = telsatco.com, mail.telsatco.com, localhost.localdomain, localhost relayhost = mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.3.0/24 192.168.3.0/24 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all inet_protocols = all home_mailbox = Maildir/ smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_sasl_local_domain = smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes smtpd_sasl_auth_enable = yes smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/restricted_senders, permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination smtpd_restriction_classes = local_only local_only = check_recipient_access hash:/etc/postfix/local_domains, reject smtp_tls_security_level = may smtpd_tls_security_level = may smtp_tls_note_starttls_offer = yes smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes sender_bcc_maps = hash:/etc/postfix/sender_bcc recipient_bcc_maps = hash:/etc/postfix/recipient_bcc virtual_alias_maps = hash:/etc/postfix/vmaps milter_default_action = accept milter_protocol = 2 smtpd_milters = inet:localhost:8891 non_smtpd_milters = inet:localhost:8891 Thank you
Hi, Thank you for the reply I was looking at the mail log and say that each time it gets sent I would see relay = another domain name i was looking at the Postfix restrictions And I got it to work ONLY with squirrel mail but using Outlook and a note says " Note: this scheme does not authenticate the user, and therefore it can be bypassed in several ways: By sending mail via a less restrictive mail relay host. By sending mail as someone else who does have permission to send mail to off-site destinations. By sending mail via a less restrictive mail relay host. By sending mail as someone else who does have permission to send mail to off-site destinations." So it got me thinking well if I could relay all Emails from users that use outlook using submission port and auth login? But then I keep getting the access denied so im not sure if im on the right path or idea or am i just going nuts? Thank you
