This is one for admins. Specifically for those that are looking after an email server.
I had a postfix server that only accepted emails from authenticated users, which made sure the sender address was correct, and which restricted the domains to which emails could be send (by setting relay_domains and smtp_recipient_restrictions). Given these preconditions, how can you allow select users to send emails to any destination?
I could not find a simple solution by googling, so I sat down and read through the myriad postfix options, until I found a combination which allowed me to solve the problem in a simple way. I thought I would share…
1. Create a new file /etc/postfix/sender_filter, and enter lines like these:
myEmail@example.com permit
One line per email sender address which should be allowed to send emails anywhere.
2. Translate the file for postfix:
postmap /etc/postfix/sender_filter
3. Now change your smtp_recipient_restrictions in /etc/postfix/main.cf (in my case, they had the value “reject_unauth_distination permit”):
smtp_recipient_restrictions = check_sender_access hash:/etc/postfix/sender_filter reject_unauth_distination permit
(The important thing is that check_sender_access comes before reject_unauth_destination.)
4. Reload the postfix configuration:
/etc/init.d/postfix reload
Now the destination check will decide on “permit” if the sender address matches a line in sender_filter, and only afterwards check whether the destination is in the list of allowed domains.
Comments?
Leave a Reply