PDA

View Full Version : Postfix help



SpankMe
21st February 2011, 10:11
I need to configure postfix on my test server to only allow sending to one email address, mine. All other emails should be dropped. I want to stop the test server sending out notification emails while I do testing on KB.

Grasshopperus
21st February 2011, 11:14
If your email is registered to your own domain spankme@spankers.net (or whatever) you could always do something like firewall off all tcp/25 traffic except for that domain. You'd get heaps of rejection messages in the log for all other users but it'd allow you to do your testing.

iptables -A OUTPUT -p tcp --dport 25 ! -d spankers.net -j REJECT

I'm having a look through postfix's main.cf and I can't see anything obvious and easy like how you want. You could set the mail server up to accept mail for all domains (and fill it with the output of all KBer email addresses using a script to extract data) which would prevent emails going out on the wire. The relay_domains directive looks like it might do something similar but may only act on domains and not individual email addresses. There's also address rewriting and address redirection.

I've gotta run now but will take another look after lunch if you'd like.

Cheers

Buyasta
21st February 2011, 11:33
It's been quite some time since I've used Postfix, but there is an easy but inelegant (and possibly unworkable, given the likely size of the userdb) solution to your problem - in /etc/postfix/recipient, "<emailaddress> REJECT" for each email address.. But I'd look into syntax and global settings if I was you - I would have thought it'd be possible to set it to reject on default, then add your testing addresses with ALLOW instead.

Grasshopperus
21st February 2011, 21:43
As it's your test system you could just go and set every users email to null except for your own. It'd be just some simple SQL.

rainman
21st February 2011, 23:12
I'd try smtpd_sender_restrictions, with check_sender_access...

Or just make it deliver to a local mail relay that filers on address (write a quick one in perl/python etc). I did this once for a tricky rewriting problem, would have been easier with postfix, but not available to me then.

rwh
21st February 2011, 23:53
We have pretty much that set up on some of our dev boxes at work.

/etc/postfix/recipient_canonical:


# everything that isn't to an address ending with foo.bar.nz
# possibly with some exceptions
/^real@example\.com$/ real@example.com
/.*@(?!.*foo.bar.nz)/ catchall@my.isp

/etc/postfix/main.cf:

...
recipient_canonical_maps = pcre:/etc/postfix/recipient_canonical
...

Works pretty well - real@example.com gets through; everything to *@*foo.bar.nz gets through; everything else goes to the catchall.

Copied (with mods) straight off the server; hopefully no typos.
Obviously any map type can be used as long as you can match what you want.

Richard