Postfix masquerading or changing outgoing SMTP email or mail address

Postfix masquerading or changing outgoing SMTP email or mail address
Address rewriting allows changing outgoing email ID or the domain name itself. Useful for hiding out internal user names, especially shell users on Linux and Unix boxes. For example:
» SMTP user/shell user: tom-01
» EMAIL ID: tom@domain.com
» Server name (FQDN): server01.hosting.com
However, when tom-01 send an email from shell prompt, cron job or using php, it looks like it was sent from tom-01@server01.hosting.com. In some cases, internal hosts have no valid Internet domain name, and instead, use a name such as localdomain.local or something else. It can be a problem when you want to send mail over the Internet because many mail servers reject mail addresses with invalid domain names to avoid spam. Another valid case is where your email routed using a smarthost such as AWS SES. A smarthost is an email server in the cloud or at ISP datacenter via which we can send emails and have them forwarded on to the email recipients’ email servers.

Postfix MTA offers smtp_generic_maps parameter. You can specify lookup tables that replace local mail addresses by valid Internet addresses when mail leaves the machine via SMTP.

ADVERTISEMENTS

Postfix masquerading and changing outgoing SMTP email or mail address

Open your main.cf config file using a text editor such as vim command/nano command:
# vi /etc/postfix/main.cf
Append following parameter
smtp_generic_maps = hash:/etc/postfix/generic
Save and close the file when using vim. Open /etc/postfix/generic file:
# vi /etc/postfix/generic
Make sure tom-01@server01.hosting.com change to tom@domain.com as follows:
tom-01@server01.hosting.com tom@domain.com
Save and close the file. Create or update generic postfix table using the postmap command:
# postmap /etc/postfix/generic
Finally restart or reload postfix service:
# /etc/init.d/postfix restart
## OR ##
# systemctl restart postfix.service

Test change of postfix sender address from the CLI

When an email is sent to a remote host via SMTP this replaces tom-01@server01.hosting.com by tom@domain.com mail address. You can use this trick to replace address with your ISP address if you are connected via local SMTP or AWS SES. See how to set up/configure AWS SES with Postfix MTA for more information.

Sample config for AWS SES

Display map using the cat command or grep command/egrep command:
# cat /etc/postfix/generic
# grep $HOSTNAME /etc/postfix/generic

@ip-172-26-14-129.ec2.internal  webmaster@cyberciti.biz
@ec2-debian-10-server webmaster@cyberciti.biz

Set the following in your main.cf:
smtp_generic_maps = hash:/etc/postfix/generic
Create or update table using the postmap command:
# postmap -v /etc/postfix/generic

postmap: name_mask: all
postmap: inet_addr_local: configured 4 IPv4 addresses
postmap: inet_addr_local: configured 2 IPv6 addresses
postmap: open hash /etc/postfix/generic
postmap: Compiled against Berkeley DB: 5.3.28?
postmap: Run-time linked against Berkeley DB: 5.3.28?

Restart the Postfix service:
# systemctl restart postfix.service

Verify it

Let us send email using Linux console:
# echo 'This is a test' | mail -s 'test' vivek@nixcraft.org
Watch out for Postfix log file using the tail command:
# tail -f /var/log/mail.log

Aug 14 11:14:52 ubuntu-pi-hole postfix/pickup[13224]: 5F2DB8243B: uid=0 from=<root@ec2-debian-10-server>
Aug 14 11:14:52 ubuntu-pi-hole postfix/cleanup[13238]: 5F2DB8243B: message-id=<20200814111452.5F2DB8243B@ec2-debian-10-server>
Aug 14 11:14:52 ubuntu-pi-hole postfix/qmgr[13225]: 5F2DB8243B: from=<root@ec2-debian-10-server>, size=339, nrcpt=1 (queue active)
Aug 14 11:14:58 ubuntu-pi-hole postfix/smtp[13241]: 5F2DB8243B: to=<vivek@nixcraft.org>, relay=email-smtp.us-west-2.amazonaws.com[35.166.199.61]:587, delay=6.6, delays=0.03/0.02/4.3/2.2, dsn=2.0.0, status=sent (250 Ok 01010173ecae1595-3bd2fa2d-7693-4b0f-b573-1a499983f677-000000)
Aug 14 11:14:58 ubuntu-pi-hole postfix/qmgr[13225]: 5F2DB8243B: removed

Conclusion

You learned about the generic table specifies an address mapping that applies when mail is delivered using Postfix MTA. The syntax is:

foo@localdomain.local   foo@yourdomain.here
bar@localdomain.local   bar@another.here
@localdomain.local      webmaster@cyberciti.biz
@ubuntu-pi-hole-vm      webmaster@cyberciti.biz
🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source & DevOps topics via:
CategoryList of Unix and Linux commands
File Managementcat
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network Utilitiesdig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNCentOS 8 Debian 10 Firewall Ubuntu 20.04

ADVERTISEMENTS
15 comments… add one
  • 🐧 nixCraft Dec 28, 2006 @ 21:29

    Thanks for tagging me. I have just posted my own list.

    Appreciate your post.

  • Drew Jan 19, 2008 @ 5:30

    Thanks this was helpful. I needed to be able to get my home server to forward mdadm alerts to my external email address through my isp’s smtp server (cox cable) and this was the missing piece.

  • Ejler Ottesen Jun 22, 2008 @ 14:02

    I get this strange message from smtp.com in /var/spool/postfix/defer
    I have found this message
    for EVERY mail attempted sent via Postfix:

    : host smtp.com.inbound10.mxlogic.net[208.65.144.3] said: 451
    Could not load DRD for domain (1base.com) rcpt (eo@1base.com) (in reply to
    RCPT TO command)

    recipient=eo@1base.com
    offset=133
    status=4.0.0
    action=delayed
    reason=host smtp.com.inbound10.mxlogic.net[208.65.144.3] said: 451 Could not
    load DRD for domain (1base.com) rcpt (eo@1base.com) (in reply to RCPT TO
    command)
  • moja Jul 4, 2008 @ 14:34

    Thanks this was helpful. I needed to be able to get my home server to forward mdadm alerts to my external email address through my isp’s smtp server

  • anil Feb 19, 2009 @ 5:22

    Dear
    Can you explain same for sendmail also.

  • Gagan Brahmi Mar 24, 2009 @ 14:57

    Hey Vivek,

    I would like something similar done, but only for one email address and not all the emails being sent out.

    Any ideas?

  • Patrick Jan 25, 2010 @ 21:04

    This was a big help, thank you!

    Gagan, those instructions work for just one email (that was all I needed to do too.

  • Dropdigger Feb 27, 2011 @ 21:01

    Worked great – it’s now sending mail from the correct address. But postfix says my name is ‘root’ – any easy way to change that?

    • Rubem Apr 20, 2015 @ 16:21

      Hi! I’m with the same problem. Could you achieve any solution for this? Thanks!

  • Prahmod Mar 3, 2011 @ 9:23

    hi,
    i am using postfix and currently i can use any email address to specify FROM id.
    so it is like faking any email address. smtp use can change his/her from email address. so i was wanting to change the from email address to the one with the same username.
    for example: user live can send email from herry@domain.com but i want to restrict all user to use there own email address and own domains.
    i want to restrict user live to send mail only from live@domain.com not any other like anyuser@anydomain.com
    any help will highly be appreciated
    greeting from Nepal,
    ~prahmod

  • etrusk Jul 15, 2011 @ 11:37

    Thx a lot. A postfix is transforming more and more to a sendmail.
    🙂

  • alice Feb 22, 2012 @ 6:28

    Hi, I liked your article but don’t know exactly if my question is answered by your article. Actually I receive email from a particular domain where they change the source domain in email to my domain (for example abc@source-domain.com is changed to abc@receiver-domain.com) On reading complete headers the real domain is revealed but in From: header they put a fake address as abc@recevier-domain.com, where receiver-domain is my domain. How they do it? Is it legal and if so then what is the purpose?

  • Prahmod Feb 22, 2012 @ 12:04

    @alice that is actually illegal but one can easy forge their domain and use any domain name if they own a mail server…Generally these type of activities are done by spammers to spam and sometime even by attackers to create a certain email to seem like a mail originating from the legitimate domain..
    To control this type of forgery one can use dns service to update their SPF. https://en.wikipedia.org/wiki/Sender_Policy_Framework
    so that email originating from a particular ip are treated as genuine and other then that ip with that domain name as spam..
    Google, yahoo and other mail provider use this technique to know that email are send from the allowed ip or not

  • Dave Jul 4, 2012 @ 14:26

    Thanks for a great post on Postfix masquerading or changing outgoing SMTP email or mail address. This is very helpful for a newbie like me.

  • Rubem Apr 20, 2015 @ 16:18

    Thank you very much!! It was very helpful for me.

Leave a Reply

Your email address will not be published. Required fields are marked *

Use HTML <pre>...</pre>, <code>...</code> and <kbd>...</kbd> for code samples.