Você pode usar smtpd_restriction_classes
# /etc/postfix/main.cf
smtpd_restriction_classes = restricted_sender
restricted_sender = permit_mynetworks, permit_sasl_authenticated, reject
smtpd_sender_restrictions =
check_sender_access hash:/etc/postfix/restricted_domain
reject_non_fqdn_sender
Adicione todos os seus domínios à lista
# cat /etc/postfix/restricted_domain
example.com restricted_sender
example.net restricted_sender
# postmap /etc/postfix/restricted_domain
# postconf mynetworks
mynetworks = 127.0.0.0/8
Alguns testes básicos
Remetente em mynetworks. Sem autenticação - Acesso concedido
# echo "Hello world" | swaks -4 --server localhost --from [email protected] --to [email protected] --h-Subject "Test message" --body -
=== Trying localhost:25...
=== Connected to localhost.
<- 220 smtp.example.net ESMTP Postfix
-> EHLO jenkins.example.net
<- 250-smtp.example.net
<- 250-PIPELINING
<- 250-SIZE 10240000
<- 250-VRFY
<- 250-ETRN
<- 250-ENHANCEDSTATUSCODES
<- 250-8BITMIME
<- 250 DSN
-> MAIL FROM:<[email protected]>
<- 250 2.1.0 Ok
-> RCPT TO:<[email protected]>
<- 250 2.1.5 Ok
-> DATA
<- 354 End data with <CR><LF>.<CR><LF>
-> Date: Fri, 25 Mar 2016 10:12:47 +0000
-> To: [email protected]
-> From: [email protected]
-> Subject: Test message
-> X-Mailer: swaks v20130209.0 jetmore.org/john/code/swaks/
->
-> Hello world
->
->
-> .
<- 250 2.0.0 Ok: queued as 327251C1566
-> QUIT
<- 221 2.0.0 Bye
=== Connection closed with remote host.
Remetente fora do mynetworks. Sem autenticação - Acesso negado
# echo "Hello world" | swaks -4 --server smtp.example.net --from [email protected] --to [email protected] --h-Subject "Test message" --body -
=== Trying 192.168.88.87:25...
=== Connected to 192.168.88.87.
<- 220 smtp.example.net ESMTP Postfix
-> EHLO tl-resin-node1.example.net
<- 250-smtp.example.net
<- 250-PIPELINING
<- 250-SIZE 10240000
<- 250-VRFY
<- 250-ETRN
<- 250-ENHANCEDSTATUSCODES
<- 250-8BITMIME
<- 250 DSN
-> MAIL FROM:<[email protected]>
<- 250 2.1.0 Ok
-> RCPT TO:<[email protected]>
<** 554 5.7.1 <[email protected]>: Sender address rejected: Access denied
-> QUIT
<- 221 2.0.0 Bye
=== Connection closed with remote host.
Remetente fora do mynetworks. Com autenticação - acesso concedido
# echo "Hello world" | swaks -4 --server smtp.example.net --auth PLAIN --auth-user [email protected] --auth-password 1234567 --from [email protected] --to [email protected] --h-Subject "Test message" --body -
=== Trying 192.168.88.87:25...
=== Connected to 192.168.88.87.
<- 220 smtp.example.net ESMTP Postfix
-> EHLO tl-resin-node1.example.net
<- 250-smtp.example.net
<- 250-PIPELINING
<- 250-SIZE 10240000
<- 250-VRFY
<- 250-ETRN
<- 250-AUTH LOGIN PLAIN
<- 250-ENHANCEDSTATUSCODES
<- 250-8BITMIME
<- 250 DSN
-> AUTH PLAIN [HASH]
<- 235 2.7.0 Authentication successful
-> MAIL FROM:<[email protected]>
<- 250 2.1.0 Ok
-> RCPT TO:<[email protected]>
<- 250 2.1.5 Ok
-> DATA
<- 354 End data with <CR><LF>.<CR><LF>
-> Date: Fri, 25 Mar 2016 06:20:10 -0400
-> To: [email protected]
-> From: [email protected]
-> Subject: Test message
-> X-Mailer: swaks v20130209.0 jetmore.org/john/code/swaks/
->
-> Hello world
->
->
-> .
<- 250 2.0.0 Ok: queued as D04581C7EAD
-> QUIT
<- 221 2.0.0 Bye
=== Connection closed with remote host.