August 27, 2018

217 words 2 mins read

Postfix sender_login_maps

Postfix sender_login_maps

As recommended you should add reject_sender_login_mismatch to your sender_restrictions to only allow users to send with their own address as FORM. Anyways some special cases are requiring you to login with one address, but send as another like WordPress on most php setups tries to. I created an account called and changed some settings to allow this specific user to send with all addresses.

sender_restrictions = reject_sender_login_mismatch,...

submission inet n       -       y       -       -       smtpd -v
    -o smtpd_sender_restrictions=$sender_restrictions
    -o smtpd_sender_login_maps=mysql:/etc/postfix/sql/


user = mail
password = passwd
hosts = localhost
dbname = mail
query = select concat(username, '@', domain) as 'res' from accounts where username = '%u' AND domain = '%d' union select destination AS 'res' from aliases where source = '%u@%d' union select login AS 'res' from sender_acl where send_as = '%s' OR send_as = '@%d' OR send_as = '*';


CREATE TABLE `sender_acl` (
  `id` int(10) UNSIGNED NOT NULL,
  `send_as` varchar(100) NOT NULL,
  `login` varchar(100) NOT NULL

INSERT INTO `sender_acl` (`id`, `send_as`, `login`) VALUES
(1, '*', '');

send_as can be set to “” or “” to allow every address (* of that specific domain or to “*” (star) to allow to send without any restrictions.

As always don’t forget the risks such a setup could cause.