On Fri, May 28, 2021 at 10:27:29AM -0500, David Favor wrote:

> My goal is to limit allowed sender domains, to ensure no
> mail config problem sends from a domain with no SPF
> authorization for sending IP.

The transport table is surely the wrong place to do that.  Instead, use
access(5) to refuse mail from unsupported sender addresses.

For local submission (often out of scope if the MTA in question
has no local submission users, b/c it is a dedicated server, or
an outbound instance in a multi-instance setup, ...), Postfix 3.6
adds local_login_sender_maps which can be used to restrict the
allowed domains for local submission:

    local_login_sender_maps =
        inline:{ { root = *}, { postfix = * } },
        static:{ @davidfavor.com, @fixdeliver.com }

If local submission is in fact in scope for you, because you have
untrusted users logged into the MTA, you can upgrade to Postfix 3.6,
or use a multi-instance configuration with local submission going to
a null-client instance which relays to the MTA instance, which can
use access(5) to reject relaying with non-local sender addresses.

-- 
    Viktor.
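
An added illustration of the access(5) approach suggested above, not part of the original message: a main.cf fragment plus its lookup table for an outbound-only instance. The table path, the hash: map type and the use of smtpd_sender_restrictions are assumptions; the two domains are the ones named in the message.

```cfg
# main.cf (added example; assumes an outbound-only Postfix instance whose
# SMTP clients are all your own senders, so no inbound mail passes through it)
smtpd_sender_restrictions =
    check_sender_access hash:/etc/postfix/allowed_senders,
    reject

# /etc/postfix/allowed_senders (hypothetical path; hash: assumed available,
# substitute the map type your build supports)
# Run "postmap /etc/postfix/allowed_senders" after each edit.
# A bare domain matches any address in that domain (and, with the default
# parent_domain_matches_subdomains setting, in its subdomains).
davidfavor.com    OK
fixdeliver.com    OK
```

Any envelope sender not listed in the table, including the null sender <>, falls through to the final reject, so this belongs only on a service that never accepts bounces or other inbound mail over SMTP.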
