How to Configure Postfix Multidomain Relay with SendGrid SMTP Authentication


When managing multiple domains on a single mail server, you often need different outgoing mail configurations per domain. The default Postfix setup typically routes all outgoing mail through a single SMTP relay, which becomes problematic when:

  • Different domains require separate SendGrid accounts
  • You need domain-specific authentication credentials
  • Mail tracking metrics need to be isolated per domain

The solution lies in Postfix's sender-dependent relayhost feature. Here's the key configuration:

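# /etc/postfix/main.cf
sender_dependent_relayhost_maps = hash:/etc/postfix/relay_hosts
smtp_sasl_auth_enable = yes
smtp_sender_dependent_authentication = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
# Require TLS so the API key is never sent in cleartext
smtp_tls_security_level = encrypt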

Create /etc/postfix/relay_hosts with domain-specific configurations:

# Format: sender_address relayhost:port
@domain1.com [smtp.sendgrid.net]:587
@domain2.com [smtp.sendgrid.net]:587

Compile the map file:

postmap /etc/postfix/relay_hosts

Create /etc/postfix/sasl_passwd with domain-specific credentials. Because smtp_sender_dependent_authentication is enabled, Postfix looks up the sender address in this map before the relay host, so key each entry by sender domain. Two entries keyed by the same relay host would collide in the hash table:

# Format: sender_address username:password
@domain1.com domain1_apikey:SG.xxxxxxxx
@domain2.com domain2_apikey:SG.yyyyyyyy

Secure and compile the file:

chmod 600 /etc/postfix/sasl_passwd
postmap /etc/postfix/sasl_passwd

Verify your setup with:

postconf -n | grep sender_dependent
postmap -q @domain1.com hash:/etc/postfix/relay_hosts

  • Check mail logs: tail -f /var/log/mail.log
  • Test SMTP delivery through the local Postfix: swaks --server localhost -t recipient@example.com -f sender@domain1.com
  • Verify SASL credentials: postmap -q @domain1.com hash:/etc/postfix/sasl_passwd

When managing multiple websites on a single server, a common challenge arises with email delivery. Many developers use SendGrid as their SMTP relay, but need different authentication credentials per domain. The default Postfix configuration typically routes all outgoing mail through a single SendGrid account, which isn't ideal when managing separate client domains.

The solution lies in Postfix's sender-dependent SASL authentication feature. This allows you to specify different SMTP credentials based on the sender's email domain. Here's how to implement it:

# Main configuration in /etc/postfix/main.cf
smtp_sender_dependent_authentication = yes
sender_dependent_relayhost_maps = hash:/etc/postfix/sender_relayhosts
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwords
smtp_sasl_security_options = noanonymous
# Require TLS so credentials are never sent in cleartext
smtp_tls_security_level = encrypt

First, create the sender_relayhosts file to map domains to their respective SendGrid endpoints:

# /etc/postfix/sender_relayhosts
@domain1.com [smtp.sendgrid.net]:587
@domain2.com [smtp.sendgrid.net]:587

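Then create the sasl_passwords file with domain-specific credentials, keyed by sender domain. With smtp_sender_dependent_authentication enabled, Postfix looks up the sender before the relay host, and a hash map holds only one value per key:

# /etc/postfix/sasl_passwords
@domain1.com username1:password1
@domain2.com username2:password2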

Always protect your credential files and generate the hash maps:

sudo chmod 600 /etc/postfix/sender_relayhosts /etc/postfix/sasl_passwords
sudo postmap /etc/postfix/sender_relayhosts
sudo postmap /etc/postfix/sasl_passwords

Verify your configuration with these commands:

postconf -n | grep sender_dependent
postmap -q @domain1.com hash:/etc/postfix/sender_relayhosts
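
Added example (not part of the original article): a Python check that parses the relay and password map sources and flags duplicate keys, malformed credentials, and senders that end up sharing one relay-host login. The sample maps, users and secrets are constructed placeholders, and the lookup order it models (sender address, then sender domain, then relay host) is a simplification of Postfix's behaviour.

```python
from collections import Counter

# Constructed sample maps; hosts, users and secrets are placeholders.
RELAY = "@domain1.com [smtp.sendgrid.net]:587\n@domain2.com [smtp.sendgrid.net]:587\n"
HOST_KEYED = "[smtp.sendgrid.net]:587 user1:secret1\n[smtp.sendgrid.net]:587 user2:secret2\n"
SENDER_KEYED = "@domain1.com user1:secret1\n@domain2.com user2:secret2\n"

def parse_map(text):
    """Return (key, value) pairs from postmap source text, duplicates kept."""
    entries = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue                          # blank line or comment
        if raw[0].isspace() and entries:      # leading whitespace continues an entry
            key, value = entries[-1]
            entries[-1] = (key, f"{value} {raw.strip()}".strip())
            continue
        parts = raw.split(None, 1)
        entries.append((parts[0].lower(), parts[1].strip() if len(parts) > 1 else ""))
    return entries

def audit(relay_text, sasl_text):
    """Return findings for a sender-dependent relay map and its password map."""
    relay, sasl = parse_map(relay_text), parse_map(sasl_text)
    findings = []
    for name, entries in (("relay map", relay), ("password map", sasl)):
        for key, n in Counter(k for k, _ in entries).items():
            if n > 1:
                findings.append(f"{name}: {key} appears {n} times, hash stores one value per key")
    creds = {}
    for key, value in sasl:
        creds.setdefault(key, value)
        user, sep, secret = value.partition(":")
        if not (user and sep and secret):
            findings.append(f"password map: {key} is not in user:password form")
    shared = Counter()
    for sender, relayhost in relay:
        domain_key = "@" + sender.rpartition("@")[2]
        if sender in creds or domain_key in creds:
            continue                          # per-sender credential exists
        if relayhost.lower() in creds:
            shared[relayhost.lower()] += 1    # falls back to the host-keyed login
        else:
            findings.append(f"{sender}: no credential for sender or {relayhost}")
    findings += [f"{host}: {n} senders share one host-keyed login"
                 for host, n in shared.items() if n > 1]
    return findings

if __name__ == "__main__":
    for label, sasl in (("host-keyed", HOST_KEYED), ("sender-keyed", SENDER_KEYED)):
        print(label, audit(RELAY, sasl) or "OK")
```

Findings name only keys, never credential values, so the output is safe to paste into a ticket.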

If emails aren't routing correctly:

  1. Check mail.log for authentication errors
  2. Verify mapping file permissions (should be 600)
  3. Test SMTP authentication manually using telnet
  4. Remember to restart Postfix after configuration changes

For more complex scenarios, consider using transport maps. Note that transport_maps selects the route by recipient domain, not by sender:

# /etc/postfix/transport
domain1.com smtp:[smtp.sendgrid.net]:587
domain2.com smtp:[smtp.sendgrid.net]:587

# In main.cf
transport_maps = hash:/etc/postfix/transport

This method provides even more control over domain-specific routing.