I'd like to deploy a new (postfix) email service for my domain (example.com) to:
- allow sending email to ANY domain ONLY if the sender (our cloud applications instances) is authenticated (e.g. by SMTP password)
- allow our users to reply to received emails at: support@example.com
- allow us to be notified of undeliverable email: mailerrors@example.com
- relay email addressed to *@example.com to our Google Apps email host (which must also be able to directly receive email destined for example.com)
... in order to avoid daily sending limits for our Google Apps email host.
Is it possible to configure both authenticated and unauthenticated access to a postfix server?
Or should I use postmulti?
Ideas:
My thinking was, configure postfix so that,
- if a password is provided email, new mail is sent directly to the destination.
- if a password is not provided:
- relay any messages addressed to example.com to our Google service
- reject all other messages.
- (and also: register the server in the example.com's MX record, in addition to the Google Apps servers, so that our sent mail with *@example.com From/ReplyTo header fields are accepted by destination spambots.)
From what I see, postfix configuration for the above case is straightforward if I have two postfix servers:
- A: password required SMTP server to
- B: passwordless relay that sends example.com address mail to our Google Apps service
However, I think these need to be co-hosted (since destination servers match the IP address of the sending server with the MX record, but the MX record must also point to B).
Sould I use postmulti to co-host these differently configured servers and block access to the "A" server behind within a firewall and on a non-standard port?
Or is there some other postfix config magic to do what I want?