Internet <-> Postfix-Gateway <-> internal Mailserver
All Mails are running through the Postfix server either from outside or inside. If you have three domains that postfix should accept mails for and then relay to the internal server you should set up the domains as relay domains.
Yes, this is correct; Internet -> Postfix/MailScanner -> Internal MailServer
/etc/postfix/main.cf:
# internal trusted net that is allowed to relay mynetworks = 192.168.1.0/24, 127.0.0.0/8 # domains that postfix should accept mails for from the internet relay_domains = domain1.example.com, domain2.example.com, domain3.example.com # reject not listed recipients as invalid, otherwise mail would bounce later relay_recipient_maps = hash:/etc/postfix/relay_recipients This is interesting; how to I tell Postfix to check the internal mailserver (Exchange) for address verification?
# accept mails for relay_domains and relay for mynetworks smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination # send mail for special domains to the servers within: transport_maps = hash:/etc/postfix/transport
/etc/postfix/transport: # brackets to suppress mx lookup domain1.example.com: relay:[192.168.1.13] domain2.example.com: relay:[192.168.1.13] domain2.example.com: relay:[192.168.1.13]
/path/to/file/with/valid/addresses: address1@domain1.example.com OK address2@domain1.example.com OK address1@domain2.example.com OK address2@domain2.example.com OK address1@domain3.example.com OK address2@domain3.example.com OK ....
This should give you a working installation without any whistles and bells. If you don't have a list with valid addresses then you either need to extract it (use an automated script later), use address verification ( postfix asks the internal server if the address is valid), This is very promising. How does this work against an Exchange server?
or, worst case, disable recipient validation. That would lead to
bounces, so I advise against it.
If you want to get startet as fast as possible set "relay_recipient_maps = ", that will disable the recipient validation.
All files with hash: in the beginning need to be converted to databases with the postmap command after every change:
postmap /etc/postfix/transport postmap /etc/postfix/relay_recipients
Okay, when running postmap I get an error of, postmap: warning: /etc/postfix/transport, line 274: record is in "key: value" format; is this an alias file? Should I drop the colon after the doamin name? Thank you, ~James