Home | Comics | Gallery | (Amazon| ThinkGeek) wishlist | Donations | Impressum | The Book of Postfix | Postfix - Einrichtung, Betrieb und Wartung | Blog

Require mail leaving your network to have a valid sender address from within your domain

Prerequisite

List of valid sender addresses -- of course you'll need a list of valid sender addresses in your domain! 

smtpd_recipient_restrictions =
   check_client_access cidr:/etc/postfix/mynetworks
   reject_unauth_destination
   ... more restrictions ...
and in /etc/postfix/mynetworks we have:

141.42.0.0/16     check_for_valid_sender
141.43.0.0/16     check_for_valid_sender
193.175.16.0/24   check_for_valid_sender

... since we want to force our clients to use a valid email address. Then we define some smtpd_restriction_classes:

smtpd_restriction_classes =
   check_for_valid_sender
   
check_for_valid_sender =
   check_sender_access hash:/etc/postfix/valid_senders
   check_sender_access regexp:/etc/postfix/nice_reject.regexp

Actually, nice_reject is just fancy, but users like a good error message! A simple reject would also work.

/etc/postfix/valid_senders contains: 

<>                                 OK
valid.sender@example.com           OK
another.valid.sender@example.com   OK

We need to use smtpd_null_access_lookup_key -- which defaults to <>, since a bounce is a valid sender address!

/etc/postfix/nice_reject.regexp contains: 

/./     554 Please use an existing sender address!

© by Ralf Hildebrandt
This document contains links to external information sources that I do neither monitor nor control. I explicitly disclaim any liabilities in respect to external references.
You are getting this document without any guarantees. Any methods shown above are meant as demonstration and may be wrong in some place. You may damage your system if you try to follow my hints and instructions. You do this at your own risk!

Valid HTML 4.01 Strict

Windows 7 Sins

 Locations of visitors to this page

This file was last modified 16. Apr 2007 by root