From: Magnus Bäck (no email)
Date: Thu Apr 19 2007 - 16:36:21 EDT
On Thursday, April 19, 2007 at 20:38 CEST,
René Schrock <> wrote:
> I want to configure postfix to reject incoming mail with internal domains.
> To filter the envelope sender I've configured
> smtpd_recipient_restrictions = ...
> check_recipient_access hash:recipient_access
> internal_domain1 554 Go away
> internal_domain2 554 Go away
> So far this works fine.
I assume you mean check_sender_access. What you've written above rejects
all messages to your own domains.
> Now, I'm searching for a solution to reject mail on the "FROM:" header
> to do the same.
How would you then receive your own messages posted to this list?
I suggest you drop this idea. If you want to block junk there are much
> I think about using header_checks, but the problem is how to apply
> header_checks only to clients, which are not in mynetworks and are
> not sasl-athenticated?
> I've already tried smtpd_restriction_classes, but didn't work.
This is only possible with two Postfix instances (which would be a bad
idea anyway), a proxy filter or milter, or if your users submitted their
messages on an alternate port or network interface.
Given one particular smtpd(8) listener, header_checks applies to all
messages without whitelisting capabilities.
-- Magnus Bäck