Is it possible to let Postfix decide which hosts to relay mail for, based on the domain from which that mail is sent?
I'm building a relayhost that should accept e-mail from a whole bunch of internal mailservers, and relay it to the Internet, after scanning, DKIM-signing and rate limiting. But I don't want to give Postfix one list of all hosts that are allowed to relay mail through it, because that would allow users of all internal servers to send mail from all domains. I'm looking for a way to let Postfix check if the host is allowed to send mail for the domain involved. I'm using an LDAP backend and what I thought I wanted to do under "smtpd_relay_restrictions" is a "check_client_access" query for the domain, and return the attribute which contains the host(s) that are allowed, with "PERMIT", like this: smtpd_relay_restrictions = check_client_access ldap:relay_access Where the file relay_access contains something like: query_filter = domainName=%d result_attribute = allowedHost result_format = %s PERMIT But the input key here is not the domain name, but the address of the smtpserver sending the message. How do I match a domain name with an IP-address or FQDN? Or am I looking in the wrong direction here? Kind regards, Hans
