How to restrict incoming mail in Postfix.

Scenario: We have some discussion groups (alias) and we want only a few internal people in the field to have access to them and the rest of the internet and internally are not allowed.

We are supposed to have:

• postfix on linux ( centos or debian )
• minimal knowledge of linux
• I know how to use a cli editor like vim or nano
  

Our domain: covaci.tk
alias: [email protected] and [email protected]

1. First Step Setup list to restrict.
vim /etc/postfix/main.cf
smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/protected_destinations
....................
..................
...the usual stuff...

Here we have defined a class for each alias.

And in these files who has the right
to send mail and the rest rejected (in /etc/postfix/main.cf ).
smtpd_restriction_classes = local_only
smtpd_restriction_classes = local_only2
local_only = check_sender_access pcre:/etc/postfix/restrict_intern
local_only2 = check_sender_access pcre:/etc/postfix/restrict_intern2

2. Second Step create files
vim /etc/postfix/protected_destinations
[email protected] local_only
[email protected] local_only2
After you exit the file you're running postmap /etc/postfix/protected_destinations

vim /etc/postfix/restrict_intern

/[email protected]$/ OK
/[email protected]$/ OK
/.+/ REJECT


If you want a custom error message:
/.+/ REJECT "This is a custom error messages created by Admin Team at Boss request!"

The rule in this file says that only user [email protected] and [email protected] have the right to send the rest of the mail are rejected.
vim /etc/postfix/restrict_intern2

/[email protected]$/ OK
/.+/ REJECT


And finally get restart services

/etc/init.d/postfix restart ( sysV systems like Centos 6) or
systemctl restart postfix ( systemd system like Centos 7)


If you get some errors look at /var/log/maillog and test if works!
Source: http://www.postfix.net/RESTRICTION_CLASS_README.html

@luciancovaci
If you liked it
Upvote and Follow!
Created on 20170908 at 17:41 EET