Relay host based on destination MX record

postfix

I wish to set up Postfix to use an external relay depending on the destination hostname, ie:

  • If destination hostname is *.outlook.com, use relay some_smtp.example.com
  • If any other destination hostname, use local relay

What I mean by destination hostname is the hostname obtained from MX record. If the recipient domain has MX record microsoft-com.mail.protection.outlook.com, then use a different relay

I know it is possible to specify a relay depending on the sender address (using sender_dependent_relayhost_maps), but it's impractical in my situation.

The goal is to use a different relay for finicky destination hosts: maybe Mandrill, or another Postfix installation.


You can setup a transport map to selectively choose mails with @outlook.com as destination address and relay them via some_smtp.example.com as shown below.

Add the entry below to /etc/postfix/transport

outlook.com smtp:[some_smtp.example.com]

Add the entry below to /etc/postfix/main.cf

transport_maps = hash:/etc/postfix/transport

Restart postfix after the following command

sudo postmap /etc/postfix/transport

Arul's answer was perfect for transport based on recipient domain. However, bencaue you refer to MX record hostname instead recipient domain, the answer was non-applicable.

One solution is using check_recipient_mx_access. Snippet from official docs

check_recipient_mx_access type:table

Search the specified access(5) database for the MX hosts for the RCPT TO domain, and execute the corresponding action. Note: a result of "OK" is not allowed for safety reasons. Instead, use DUNNO in order to exclude specific hosts from blacklists. This feature is available in Postfix 2.1 and later.

For your case, just put check_recipient_mx_access hash:/etc/postfix/finickydestination in appropriate place smtpd_*_restriction. In that file put the hostname

# /etc/postfix/finickydestination
.outlook.com FILTER smtp:[some_smtp.example.com]

Don't forget to postmap the file and execute postfix reload.

Reference(s):

  • Postfix patch announcement regarding VeriSign site finder
  • Another people which has same problem

As @user221326 (i don't have enough rep to comment myself) pointed out @masegaloeh answer will NOT work as check_recipient_mx_access expects a access table with a ACTION

More info in the man page

The action you want is FILTER so something like

.outlook.com FILTER smtp:[some_smtp.example.com]

Note if you have multiple FILTER only the last will fire so ensure this comes after everything else.

Furthermore .outlook.com will only catch sub/super domains (e.g. whatever.protection.outlook.com) if smtpd_access_maps is NOT in parent_domain_matches_subdomains, otherwise you want outlook.com (no leading dot)

Lastly keep in mind that this action applies to the whole message as soon as one recipients MX matches the domain, which should be a non-issue as long as your defined target isn't a MDA.

Cheers

Related

Apache reaching MaxClients and locking the server
nginx redirect to www.domain
Hyper-V Machine drifts time all over, even with NTP
AWS VPC + IPtables + NAT: Port Forwarding is not working
Monitoring Dell/HP Servers Running ESXi (Free)
Monitor Internet bandwidth
What is reverse DNS?
Use ip route add to add multicast routes to multiple interfaces
How to automatically paste today's date with keyboard shortcut?
finer control of Preview anti-aliasing (font smoothing)?
How to get icons in Safari favorites (aka favicons) to display correctly?
Changing modifier keys from the command line