[Tfug] Postfix sender_dependent_relayhost_maps
murphy+tfug at email.arizona.edu
Fri Nov 21 14:49:50 CST 2008
Glenn Pfeiffer wrote:
> Do any of you have any examples or resources to help me configure
> postfix to relay to different hosts depending on the sender?
> I have figured out that there are two config settings I need to
> change: sender_dependent_relayhost_maps and
Hi Glen. It was good seeing you last night at Claude's house.
I found your postfix question about sender dependent relaying in the
TFUG archives. You are right, the postfix docs are short on this!
# default smarthost for mail relaying
relayhost = [smtp1.example.com]
# senders who get a special relay
The syntax for the relayhost map is:
user1 at mydomain.com [smtp2.example.com]
user2 at mydomain.com [smtp2.example.com]
Create the hash from the text file with "postmap
hash:sender_dependent_relayhost" on the command line.
Since you mention smtp_sender_dependent_authentication I assume the
hosts you're relaying to require SMTP AUTH, correct?
Postfix has client side SMTP AUTH disabled by default. To use it you
need to enable it and create a password map. Be sure to chmod 600 the
password map so other users on your system can't read it.
smtp_sasl_auth_enable = yes
smtp_sal_password_maps = hash:/etc/postfix/sasl_passwd
Syntax for /etc/postfix/sasl_passwd:
user1 at mydomain.com user1 at mydomain.com:password1
user2 at mydomain.com user2 at mydomain.com:password2
# postmap hash:/etc/postfix/sasl_passwd
You may want to restrict the auth methods to secure ones if supported by
the remote servers:
smtp_sasl_security_options = noanonymous, noplaintext
If the remote server only offers plaintext auth, you could try to force
your postfix client to use TLS for secure transmission. I've seen that
it's more common for servers to support TLS than fancy SMTP AUTH
First enable postfix's client-side TLS with "smtp_use_tls = yes".
Then add "smtp_sasl_tls_security_options = noanonymous" under the
smtp_sasl_security_options line to allow plaintext methods over a TLS
I've never had to set up a sender based relay server like this so
hopefully these hints can help you out.
The opinions or statements expressed herein are my own and should not be
taken as a position, opinion, or endorsement of the University of
More information about the tfug