This is an effort to consolidate some of the good information i found around Postfix in recent times.
I collected this info from different sources so thought of putting them under one article to make it easy for anybody like me in future looking for it.
Here are few examples :
Scenario:
If email from hooli.com then send to MTA1 , elif email from piedpiper.com then send to MTA2
/@hooli.com$/ smtp:[smtp.mta1.org]:587
/@piedpiper.com$/ smtp:[smtp.mta2.org]:587
Scenario :
Remove a particular header from the outgoing message
/^Message-Id:(.*?)nettycoons(.*?)/ REPLACE Message-Id:$1$2
Scenario:
if the “My-Custom-Header” header contains hooli.com and NOT “hooli.com;piedpiper.com”, meaning anything with “hooli.com on the left hand match” route it via “MTA1”. Everything else will go default route in main.cf
if /^My-Custom-Header:\ hooli.com;/
!/^My-Custom-Header:\ hooli.com;piedpiper.com/ FILTER smtp:[smtp.mta1.org]:587
endif
Scenario :
Basically current postfix allow you to have mapping of one MTA <> one MTA credentials. Many MTA’s like mailgun use multiple credentials for multiple domains that they handle. So how to handle this in postfix.
If email is FROM *@hooli.com then go to MTA1 , if FROM *@piedpiper.com then go to MTA1 but with different credentials.
Way we handled this one was by creating DNS entries on our side , which basically CNAME to same MTA and then using those DNS entries in postfix mapping file.
For example we created two DNS entries –
smtp.hooli.com CNAME smtp.mta1.com
smtp.piedpiper.com CNAME smtp.mta1.com
In postfix mapping file –
smtp.hooli.com <> credentials
smtp.piedpiper.com <> credentials
This handled scenario “If [some condition] then use this relay using this credentials.”
Some security related stuff:
/^Received:.*Postfix/ IGNORE
– Basically when message is originating from you internal MTA , this will hide what hops it traveled inside your network.
/^X-Originating-IP:/ IGNORE
– To hide your internal IP’s
/^X-Mailer:/ IGNORE
– To hide your MTA type
Other useful links: