Postfix – Only Allow Whitelisted Recipient Domains

We have a test environment with real user data, and during testing, the servers may send emails to these real users. But we definitely don’t want our users to receive those test emails, since they’ll be totally confused and get a bad feeling about our service. Yet we want the emails sent to our company’s domain to be delivered successfully, so we can test with our work email address.

One solution is update the database and change all user emails to dummy ones. However this requires one more step each time the development database is refreshed with real data.

The solution I used is to setup a Postfix SMTP server which only allows several whitelisted domains. The configuration is quite simple.

  1. Add this into main.cf:
    smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/recipient_domains, reject
  2. /etc/postfix/recipient_domains is the whitelist file:
    mycompany.com OK
    anotherdomain.com OK
  3. Generate hash file: postmap /etc/postfix/recipient_domains
  4. Restart postfix service

Now try sending an email to a domain not in the whitelist, like mail -s "Test email" someone@gmail.com. Look into /var/log/maillog and you will find something like that:

NOQUEUE: reject: RCPT from …: 554 5.7.1 <someone@gmail.com>: Recipient address rejected: Access denied;…

Then on all development servers, configure to use this postfix server as SMTP relay server. This is simple even with sendmail – the “SMART_HOST” option.

6 thoughts on “Postfix – Only Allow Whitelisted Recipient Domains”

  1. Hi ,

    I have done the similar changes as mentioned by you in your post but its not blocking mail for gmail.com[not included in white list].

    So please suggest is there any other changes required for getting this aborted.

    Thanks,
    Karan

  2. Hi ,

    I have done the similar changes as mentioned by you in your post but its not blocking mail for gmail.com[not included in white list].

    So please suggest is there any other changes required for getting mails blocked for gmail.com.

    Thanks,
    Karan

  3. Hi ,

    I got the Answer,For getting this achieved we can use “transport mapping”

    Step 1.Open /etc/postfix/main.cf & enter below line at end

    transport_maps = hash:/etc/postfix/transport

    Step 2:Open /etc/postfix/transport & need to insert line specifying which domain should be allowed as below:

    test.com :
    * discard:

    Step 3:Now need to create a hash of the file
    postmap /etc/postfix/transport

    Step 4:Finally reload or restart postfix and you are done.

  4. I was wondering iff you ever thought of changinng the layout of your website?
    Its very well written; I loe what youvee got to say. But maybe
    yyou could a little more in the way of content so people could connect witrh it better.
    Youve got an awful lot off texdt for only having 1 or 2 images.
    Maybhe you could space it oout better?

    My blog … male baldness treatment

Leave a Reply

Your email address will not be published. Required fields are marked *


6 − one =

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>