In my mailing list system (Mailman) I needed to make sure that no one else than a certain list of senders would be able to send commands via email to the xxxx-request@mylist.com. Since I could not find this feature in Mailman I decided to go the Postfix way. So here is the configuration I made which works very well.

Note: The disadvantage of this solution is that only the system administrator can change the content of the protected receivers and permitted senders lists.

Principle:
– Create a verification class which we will call: permitted_senders_list
– Create 2 lists and hash them:
– /etc/postfix/commands_protected_recipients
– /etc/postfix/commands_permitted_senders
– Tell postfix (in /etc/postfix/main.cf) to use a special test which will check if the recipient is a protected one and allow only certain senders to send to them.

Configuration:
smtpd_restriction_classes = permitted_senders_list
permitted_senders_list = check_sender_access hash:/etc/postfix/commands_permitted_senders, reject
smtpd_recipient_restrictions =
..................
check_recipient_access hash:/etc/postfix/commands_protected_recipients,
..................

Content of /etc/postfix/commands_protected_recipients
maillist1-request@mydomain.com permitted_senders_list
maillist2-request@mydomain.com permitted_senders_list

Content of /etc/postfix/commands_permitted_senders
admin1@mydomain.net OK
admin2@domain2.com OK
mailmaster@domain3.org

Hash both files:
cd /etc/postfix
postmap commands_protected_recipients
postmap commands_permitted_senders

Reload Portfix configuration:
/etc/init.d/postfix reload

Now only user which have the
From: admin1@mydomain.net
or admin2@domain2.com
or mailmaster@domain3.org
in their Mail Headers will get through to the accounts
maillist1-request@mydomain.com
and maillist2-request@mydomain.com.
All other senders will be refused.
Note: This setting will not interfere with any other sending/receiving of other email accounts at all.

That was it, Happy Postfixing

%d bloggers like this: