Есть гейт с выходом в интернет на котором крутиться постфикс. Стоит задача, чтобы MTA агент в лице Postfix не смог отсылать почту на левые почтовые интернет ящики (типа .mail.ru/yandex.ru и т.д.), а отсылал только на те сервера, которые ему укажут в отдельном списке. Вот пример моего конфига, может что надо подправить:
mail_spool_directory = /var/mail canonical_maps = hash:/etc/postfix/canonical virtual_maps = hash:/etc/postfix/virtual relocated_maps = hash:/etc/postfix/relocated transport_maps = hash:/etc/postfix/transport sender_canonical_maps = hash:/etc/postfix/sender_canonical masquerade_exceptions = root masquerade_classes = envelope_sender, header_sender, header_recipient myhostname = gate.mail1.ru mydomain = mail1.ru program_directory = /usr/lib/postfix inet_interfaces = 127.0.0.1, 192.168.2.1, 123.456.789.123 masquerade_domains = ;recipient_bcc_maps = hash:/etc/postfix/recipient_bcc_map mydestination = $myhostname, localhost.$mydomain, mail1.ru, mail2.ru, mail3.com mynetworks=192.168.2.0/24, 127.0.0.0/8 defer_transports = disable_dns_lookups = no relayhost = content_filter = mailbox_command = mailbox_transport = #smtpd_sender_restrictions = hash:/etc/postfix/access #smtpd_client_restrictions = smtpd_helo_required = no smtpd_helo_restrictions = strict_rfc821_envelopes = no #smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination smtp_sasl_auth_enable = no smtpd_sasl_auth_enable = no smtpd_use_tls = no smtp_use_tls = no
smtpd_sender_restrictions = permit_mynetworks, reject_non_fqdn_sender, reject_rbl_client list.dsbl.org, reject_rbl_client bl.spamcop.net, reject_rbl_client combined.njabl.org, reject_rbl_client rhsbl.ahbl.org, reject_rbl_client multi.surbl.org, reject_rbl_client relays.ordb.org, reject_rbl_client sbl-xbl.spamhaus.org, reject_invalid_hostname, reject_unknown_sender_domain smtpd_client_restrictions = permit_mynetworks, reject_non_fqdn_sender, reject_rbl_client list.dsbl.org, reject_rbl_client bl.spamcop.net, reject_rbl_client combined.njabl.org, reject_rbl_client rhsbl.ahbl.org, reject_rbl_client multi.surbl.org, reject_rbl_client relays.ordb.org, reject_rbl_client sbl-xbl.spamhaus.org, reject_invalid_hostname, reject_unknown_sender_domain smtpd_recipient_restrictions = reject_unlisted_recipient, permit_mynetworks, permit_mx_backup, reject_non_fqdn_recipient, reject_unauth_destination
#smtpd_recipient_restrictions = reject_maps_rbl
alias_maps = hash:/etc/aliases mailbox_size_limit = 0 message_size_limit = 50240000 body_checks = regexp:/etc/postfix/body_checks html_directory = /usr/share/doc/packages/postfix/html
