3

I operate a Linux system where I give out free Linux shell accounts to people for educational purposes. Unfortunately, while doing so it's expected to meet abusive users who will keep sending spam emails to other servers such as Google, Zoho, etc and hence will get the IP of the server blocked.

What I would like to do is allow the users on the system to send messages within localhost only. This means that when a user tries to send out an email to an external domain name, GMail for example, the request will be refused. However, if the user tries to send an email to another user on localhost (example: giovanni@localhost), the message will be sent. I don't mind receiving emails from other servers, but I don't want my server to send emails to other servers. How can I do so?

I'm running CentOS 6.5 with Postfix installed. How can I configure this? Any suggestion will be hugely appreciated!

countermode
  • 7,533
  • 5
  • 31
  • 58
Giovanni Mounir
  • 837

1 Answers1

3

Use a transport map:

Find or add the following line in your main.cf (alter the file location to fit your CentOS setup):

transport_maps = hash:/etc/postfix/transport

Edit the transport map file above to:

localhost   :
<your FQDN> :
*      error: Outgoing mail from this system has been disabled.

localhost and your FQDN will use local delivery. Anything else will be bounced with a message.

Update the database with:

# postmap /etc/postfix/transport

Reload the config:

# service postfix restart
garethTheRed
  • 33,957
  • Perfect! I tested it and it works. Thank you, Gareth! But I have a question, what is the use of "error: Outgoing mail..."? It doesn't show up when I try to connect to SMTP and send a message to a different host, I get a normal "Queued as %id" message. P.S I believe you meant service postfix restart instead of service reload postfix – Giovanni Mounir Aug 13 '14 at 12:13
  • The error: mailer is used to bounce email. However, I've noticed that I placed a space after the colon, whereas the man page shows the error text starting directly after the colon. Give it a try. As to the service command. I always get my service and systemctl options back to front - the former has service name first, the latter, last. I'll change it. – garethTheRed Aug 13 '14 at 13:23
  • Thanks for the explanation, I have looked at the manual and it says to use the error: mailer after the hostname have been specified. So it would be * error: Outgoing mail from this system has been disabled.. Tried with this and it worked, thank you very much! – Giovanni Mounir Aug 13 '14 at 13:39
  • @garethTheRed I see you answered this postfix question. I have another postfix question. Are you willing to help me with it? Here is the link: http://unix.stackexchange.com/questions/177610/unable-to-view-postfix-email-from-centos-7-command-line-why-not – CodeMed Jan 06 '15 at 03:20