Let's say you're a sysadmin migrating email on a clustered SMTP setup, and because of that you want to capture all incoming email traffic for a while and redirect (forward) it to another single mailbox, where you can review the mail traffic flowing through for a few hours and analyze it in more depth. This approach is useful if you have small or medium-sized mail servers and won't be so useful on a mail server that handles a few hundred mails hourly. In the article below I'll show you how.
How to redirect all postfix mail for a specific domain to single external email address?
There are different ways. If you don't want to simply intercept the traffic and create a copy of it with Postfix's built-in always_bcc option (as pointed out in my previous article, postfix copy every email to a central mailbox), you can copy the email flow with a custom-written dispatcher script that the MTA runs on each mail arrival, or use maildrop's filtering functionality. Below is a very simple maildrop example for the case where you want to filter out and deliver to an external email address only the email targeted at a specific domain.
If you use maildrop as the local delivery agent, to copy email targeted at a specific domain to another defined email address, use a rule like:
if ( /^From:.*domain.com/:h ) {
    cc "!someothermail@domain2.com"
}
To use maildrop to simply forward email that comes in from a specific sender for an existing local email address on the postfix server to an external email address, use something like:
if ( /^From: .*linus@mail.example.com.*/ )
{
    dotlock "forward.lock" {
        log "Forward mail"
        to "|/usr/sbin/sendmail linuxbox@collector.example.com"
    }
}
Then, to make the filter active, assuming the user has a physical unix mailbox, paste the above into the local user's $HOME/.mailfilter.
What to do if the mails delivered via your Email-Server.com are sent by monitoring and alarming scripts towards many mailboxes that no longer exist after the migration?
To capture all the traffic that is normally attempted to be sent via the mail server, we can forward all served mails to a single external mail address, using Postfix's nice capability to understand PCRE (Perl-compatible regular expressions). Regular expressions in Postfix of course have their specifics, so I recommend you take a look at the postfix regexp table documentation, as well as the Postfix Regex / Tester / Debugger online tool, which is useful to validate a regexp you want to implement.
How to use postfix regular expression to do a redirect of all sent emails via your postfix mail relayhost towards external mail servers?
In /etc/postfix/main.cf include this line near the bottom or as the last line:
virtual_maps = hash:/etc/postfix/virtual, regexp:/etc/postfix/virtual-regexp
The first entry defines the virtual file, which can be used to define any virtual domains you want to simulate as present on the local postfix. The regexp: entry loads the file read by postfix in which you type the regular expression that is applied to every email incoming via SMTP port 25 or the encrypted MTA ports 385 / 995 etc.
So how to redirect all postfix mail to one external email address for later analysis?
Create file /etc/postfix/virtual-regexp
/.+@.+/ external-forward-email@gmail.com
Next, build the map file (this will generate /etc/postfix/virtual-regexp.db):
# postmap /etc/postfix/virtual-regexp
This also requires a virtual.db to exist. If it doesn't, create an empty file called virtual and run postmap, the postfix .db generator, again:
# touch /etc/postfix/virtual && postmap /etc/postfix/virtual
Note that in /etc/postfix/virtual you can add the postfix mail domains for which you want the MTA to accept mail as local mail.
In case you need to view all the postfix virtual domains configured to accept mail locally on the mail server, run:
$ postconf -n | grep virtual
virtual_alias_domains = mydomain.com myanotherdomain.com
virtual_alias_maps = hash:/etc/postfix/virtual
Once applied, the regexp /.+@.+/ external-forward-email@gmail.com will start forwarding mails immediately after you reload the MTA with:
# systemctl restart postfix
If you want to exclude target mail domains from being captured by the above regexp, place in /etc/postfix/virtual-regexp:
/.+@exclude-domain1.com/ @exclude-domain1.com
/.+@exclude-domain2.com/ @exclude-domain2.com
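Regexp tables are searched top to bottom and the first matching pattern wins, so where the exclusion lines sit relative to the catch-all decides whether they ever fire. The following is an added example, not part of the original article: a simplified Python model of the lookup (Python's re module stands in for Postfix's regex engine) that compares the page's rules in two orders. The anchored variant of the exclusion pattern and the recipient addresses are assumptions constructed for the example.

```python
import re

def parse_table(text):
    """Parse '/pattern/flags result' lines; blank lines and '#' comments are skipped."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = re.match(r"/(.*)/([a-z]*)\s+(.+)$", line)
        if not m:
            raise ValueError(f"unparsable rule: {line!r}")
        pattern, flags, result = m.groups()
        # regexp tables match case-insensitively by default; 'i' toggles that
        rules.append((re.compile(pattern, 0 if "i" in flags else re.IGNORECASE), result))
    return rules

def lookup(rules, address):
    """Return the rewritten recipient, or None when no pattern matches."""
    for regex, result in rules:
        if regex.search(address):        # unanchored search; first match wins
            if result.startswith("@"):   # '@domain' result keeps the local part
                return address.rsplit("@", 1)[0] + result
            return result
    return None

# The page's rules in two orders, plus an anchored variant (assumption of this example).
CATCH_ALL_FIRST = r"""
/.+@.+/ external-forward-email@gmail.com
/.+@exclude-domain1.com/ @exclude-domain1.com
"""
EXCLUSION_FIRST = r"""
/.+@exclude-domain1.com/ @exclude-domain1.com
/.+@.+/ external-forward-email@gmail.com
"""
ANCHORED = r"""
/^.+@exclude-domain1\.com$/ @exclude-domain1.com
/.+@.+/ external-forward-email@gmail.com
"""

if __name__ == "__main__":
    # Constructed recipient addresses, not taken from real traffic.
    samples = ["bob@exclude-domain1.com", "bob@exclude-domain1.com.other.example",
               "alice@mydomain.com"]
    for name in ("CATCH_ALL_FIRST", "EXCLUSION_FIRST", "ANCHORED"):
        rules = parse_table(globals()[name])
        for rcpt in samples:
            print(f"{name:16} {rcpt:40} -> {lookup(rules, rcpt)}")
```

On a live server, postmap -q bob@exclude-domain1.com regexp:/etc/postfix/virtual-regexp prints the raw table result for a single address, which is a quick way to confirm which rule matched before sending test mail.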
Time for a test. The next step is to send a test email and check that mail forwarding works as expected:
# echo -e "Testing body" | mail -s "testing subject" -r "testing@test.com" whatevertest-user@mail-recipient-domain.com