Postfix masquerading or changing outgoing SMTP email or mail address

Posted on in Categories Debian Linux, Gentoo Linux, Linux, Mail server, Postfix, RedHat/Fedora Linux, Suse Linux, Ubuntu Linux, UNIX last updated December 28, 2006

Address rewriting allows changing outgoing email ID or domain name itself. This is good for hiding internal user names. For example:
SMTP user: tom-01
EMAIL ID: [email protected]
Server name: server01.hosting.com

However when tom-01 send an email from shell prompt or using php it looks like it was send from [email protected]

In some cases internal hosts have no valid Internet domain name, and instead use a name such as localdomain.local or something else. This can be a problem when you want to send mail over the Internet, because many mail servers reject mail addresses with invalid domain names to avoid spam.

Postfix MTA offers smtp_generic_maps parameter. You can specify lookup tables that replace local mail addresses by valid Internet addresses when mail leaves the machine via SMTP.

Open your main.cf file
# vi /etc/postfix/main.cf

Append following parameter
smtp_generic_maps = hash:/etc/postfix/generic

Save and close the file. Open /etc/postfix/generic file:
# vi /etc/postfix/generic

Make sure [email protected] change to [email protected]
[email protected] [email protected]

Save and close the file. Create or update generic postfix table:
# postmap /etc/postfix/generic

Restart postfix:
# /etc/init.d/postfix restart

When mail is sent to a remote host via SMTP this replaces [email protected] by [email protected] mail address. You can use this trick to replace address with your ISP address if you are connected via local SMTP.

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin and a trainer for the Linux operating system/Unix shell scripting. He has worked with global clients and in various industries, including IT, education, defense and space research, and the nonprofit sector. Follow him on Twitter, Facebook, Google+.

16 comment

  1. Thanks this was helpful. I needed to be able to get my home server to forward mdadm alerts to my external email address through my isp’s smtp server (cox cable) and this was the missing piece.

  2. I get this strange message from smtp.com in /var/spool/postfix/defer
    I have found this message
    for EVERY mail attempted sent via Postfix:

    : host smtp.com.inbound10.mxlogic.net[208.65.144.3] said: 451
    Could not load DRD for domain (1base.com) rcpt ([email protected]) (in reply to
    RCPT TO command)
    [email protected]
    offset=133
    status=4.0.0
    action=delayed
    reason=host smtp.com.inbound10.mxlogic.net[208.65.144.3] said: 451 Could not
    load DRD for domain (1base.com) rcpt ([email protected]) (in reply to RCPT TO
    command)

  3. hi,
    i am using postfix and currently i can use any email address to specify FROM id.
    so it is like faking any email address. smtp use can change his/her from email address. so i was wanting to change the from email address to the one with the same username.
    for example: user live can send email from [email protected] but i want to restrict all user to use there own email address and own domains.
    i want to restrict user live to send mail only from [email protected] not any other like [email protected]
    any help will highly be appreciated
    greeting from Nepal,
    ~prahmod

  4. Hi, I liked your article but don’t know exactly if my question is answered by your article. Actually I receive email from a particular domain where they change the source domain in email to my domain (for example [email protected] is changed to [email protected]) On reading complete headers the real domain is revealed but in From: header they put a fake address as [email protected], where receiver-domain is my domain. How they do it? Is it legal and if so then what is the purpose?

  5. @alice that is actually illegal but one can easy forge their domain and use any domain name if they own a mail server…Generally these type of activities are done by spammers to spam and sometime even by attackers to create a certain email to seem like a mail originating from the legitimate domain..
    To control this type of forgery one can use dns service to update their SPF. https://en.wikipedia.org/wiki/Sender_Policy_Framework
    so that email originating from a particular ip are treated as genuine and other then that ip with that domain name as spam..
    Google, yahoo and other mail provider use this technique to know that email are send from the allowed ip or not

Leave a Comment