On Mon, Mar 01, 2021 at 11:14:57AM +0100, Jaap Gordijn wrote:
> relayhost = aaa.bbb.ccc:25
> virtual_mailbox_domains = xxx.yyy.zzz
> virtual_transport = lmtp:unix:private/dovecot-lmtp
>
> I would like to achieve the following
> - mail of all subnets in my LAN is relayed if nesessary (so not for the
> virtual domain). To accomplish this, I have listed all my subnets under
> mynetworks. This works
> - restrict the delivery of a particular subnet, 192.168.80.0/24 only to the
> virtual domain so forbid further relay via the relayhost
>
> How to accomplish this? I can not remove the 192.168.80.0/24 from mynetworks
> because then the email is not delivered to the virtual domain too.
Postfix *by default* allows delivery to your domains from any source,
*without* listing that source in mynetworks.
# This denies access to send outbound mail to remote domains
# unless the client is in mynetworks.
# It does not deny inbound mail to your own domains!
#
smtpd_relay_restrictions =
permit_sasl_authenticated,
permit_mynetworks,
#
# The default setting is a cautious "defer_unauth_destination",
# but a production configuration should promptly change this to
# the below:
#
reject_unauth_destionation
If not listing a subnet in mynetworks blocks delivery to a domain
listed in any of:
- mydestination
- virtual_alias_doamins
- virtual_mailbox_domains
- relay_domains
then you have a configuration error.
--
Viktor.
