I noticed that many tutorials on the web specify the mydestination variable of postfix like this:
mydestination = localhost, localhost.myhostname, myhostname, mydomain1.com, mydomain2.com
Note: myhostname is the name postfix uses in HELO.
However this would allow an external client to send an email to user@localhost. Of course only if user is a valid username and postfix' restrictions (like reject_non_fqdn_recipient) are not used.
Since I want to accept mails only for mydomain1.com and mydomain2.com I changed the line at my server to:
mydestination = mydomain1.com, mydomain2.com
This works for external mail and even for local mails, where only the receiver-username without domain is used (due to the correct domain mydomain1.com in /etc/mailname).
Now I wonder whether the absence of localhost etc. in mydestination can cause any problems or if my configuration is fine.
To reject mail for specific recipient, put in main.cf:
smtpd_recipient_restrictions = permit_my networks, reject_unknown_recipient_domain, reject_unauth_destination, check_recipient_access hash:/etc/postfix/recipient_rejectIn /etc/postfix/recipient_reject:
[email protected] REJECT