Block outgoing mail to specific address using Postfix
To block anyone (local (mail/sendmail command) system users and SMTP users) from sending to an email address you cannot rely on smtpd_recipient_restrictions
. You need to place the restriction into the qmgr
phase. For this I've found that transport_maps
works well.
main.cf
:
transport_maps = pcre:/etc/postfix/transport_maps
transport_maps
:
/^user(\+[^@]+)?@host\.com/ discard:
/.*/ :
Maybe there is a better solution but this one appears to work for all delivery types. FYI, that regex supports [email protected]
and [email protected]
assuming a +
delimiter. It prevents To, CC and BCC.
Also make sure your postfix has pcre support enabled. On Debian based (Ubuntu, etc) operating systems that is provided by the postfix-pcre package.
As described in access(5), just add a check_recipient_access map to your smtpd_recipient_restrictions; if you wish to block these recipients for your own users too, make sure to place it before permit_mynetworks and/or permit_sasl_authenticated.
smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/bad_recipients, permit_mynetworks, reject_unauth_destination, permit
And in /etc/postfix/bad_recipients:
[email protected] REJECT We don't like him
[email protected] REJECT Delivery to this user is prohibited
The simplest way to do this, with no regular expression support needed:
Add this to main.cf if it is not already there:
transport_maps = hash:/etc/postfix/transport
Add this line to the file "/etc/postfix/transport"
[email protected] discard
Run postmap
postmap /etc/postfix/transport
Reload postfix
service postfix reload