How-to: Reject all outgoing mail except one domain
This solution modifies the transport map of postfix such that all outgoing mail is generally rejected except those that have been explicitly allowed to.
The relevant file here is to have /etc/postfix/transports
modified by ucr
:
# ucr set mail/maps/transport/20-default="example.com :"
# ucr set mail/maps/transport/99-reject="* reject: Only mail to example.com allowed"
The syntax is:
# ucr set mail/maps/transport/IDENTIFIER=TRANSPORTENTRY
The identifier is used to name the entry for ucr
in mail/maps/transport/
. Plase note that the identity is alphabetically sorted when /etc/postfix/transports
is regenerated whenever this list has been modified. As a result, care should be taken when naming the entries. In the example above, the entry that rejects all other addresses should come last in the list. Otherwise preceding values will have no effect.
The Transportentry can be a value described in transport(5).