From: Craig Box on
I have a staging server running Postfix, which I want to only set up
to deliver mail to example.org.  This machine is running Mailman, and
gets lists copied back from the production server - we want to be able
to test on this server safe in the knowledge that if someone
accidentally sends mail to the wrong list, we won't accidentally send
any test messages out to anyone outside our test domain.

All mail is sent from this server to a smarthost for delivery.  The
smarthost is the same one that is used in production, and will accept
mail for any destination.

I have set up

    relay_domains = example.org
    smtpd_recipient_restrictions = reject_unauth_destination

This correctly causes the server to only relay for example.org when
addressed by SMTP.  However, using mail(1) on the server, Postfix will
happily deliver for all addresses.  I would like to somehow restrict
this to the relay_domains only, and have it bounce all messages to any
other recipients. Is this possible, or is there another way to
achieve my goal, given my constraints?

Regards,
Craig

From: Wietse Venema on
Craig Box:
> I have a staging server running Postfix, which I want to only set up
> to deliver mail to example.org.? This machine is running Mailman, and
> gets lists copied back from the production server - we want to be able
> to test on this server safe in the knowledge that if someone
> accidentally sends mail to the wrong list, we won't accidentally send
> any test messages out to anyone outside our test domain.

Perhaps with a transport table, taking advantage of its
special syntax:

/etc/postfix/main.cf
transport_maps = hash:/etc/postfix/transport

/etc/postfix/transport:
example.org :
* error:we do not deliver this domain

> All mail is sent from this server to a smarthost for delivery.? The
> smarthost is the same one that is used in production, and will accept
> mail for any destination.

The above will reject SMTP mail, and bounce local submission, for
domains other than example.org.

Wietse

> I have set up
>
> ??? relay_domains = example.org
> ??? smtpd_recipient_restrictions = reject_unauth_destination
>
> This correctly causes the server to only relay for example.org when
> addressed by SMTP.? However, using mail(1) on the server, Postfix will
> happily deliver for all addresses.? I would like to somehow restrict
> this to the relay_domains only, and have it bounce all messages to any
> other recipients. Is this possible, or is there another way to
> achieve my goal, given my constraints?
>
> Regards,
> Craig
>
>