Block outgoing mail to specific address using Postfix

To block anyone (local (mail/sendmail command) system users and SMTP users) from sending to an email address you cannot rely on smtpd_recipient_restrictions. You need to place the restriction into the qmgr phase. For this I've found that transport_maps works well.

main.cf:

transport_maps = pcre:/etc/postfix/transport_maps

transport_maps:

/^user(\+[^@]+)?@host\.com/ discard:
/.*/ :

Maybe there is a better solution but this one appears to work for all delivery types. FYI, that regex supports [email protected] and [email protected] assuming a + delimiter. It prevents To, CC and BCC.

Also make sure your postfix has pcre support enabled. On Debian based (Ubuntu, etc) operating systems that is provided by the postfix-pcre package.


As described in access(5), just add a check_recipient_access map to your smtpd_recipient_restrictions; if you wish to block these recipients for your own users too, make sure to place it before permit_mynetworks and/or permit_sasl_authenticated.

smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/bad_recipients, permit_mynetworks, reject_unauth_destination, permit

And in /etc/postfix/bad_recipients:

[email protected] REJECT We don't like him
[email protected] REJECT Delivery to this user is prohibited

The simplest way to do this, with no regular expression support needed:

  1. Add this to main.cf if it is not already there:

    transport_maps = hash:/etc/postfix/transport

  2. Add this line to the file "/etc/postfix/transport"

    [email protected] discard

  3. Run postmap

    postmap /etc/postfix/transport

  4. Reload postfix

    service postfix reload

Tags:

Postfix