I want to thanks @saitobenkei for his help, you really save me with this.
Now, I would like to post here all the things done. It would like to make this solution a new feature for NS7 mail module.
For the mean time I decided to modify the functionality of the checkbox in
[ Email Addresses ] -> [ username@domain.local ] -> [ Edit ] -> [ Local network only ]
In order to do this we create a custom template to disable this feature code, like this:
mkdir -p /etc/e-smith/templates-custom/etc/postfix/internal_access/
nano /etc/e-smith/templates-custom/etc/postfix/internal_access/10mailboxes
We insert this code in this file:
#
# 10mailboxes -- internal addresses defined by users database
#
{
}
As @saitobenkei suggested we also modify the some parameters on /etc/postfix/main.cf to restrict access to the defined users (Those that have the [ Local network only ] checkbox enabled), to do that we make a custom template that replaces the original /etc/e-smith/templates/etc/postfix/main.cf/00template_vars by doing this:
mkdir -p /etc/e-smith/templates-custom/etc/postfix/main.cf/
cp /etc/e-smith/templates/main.cf/00template_vars /etc/e-smith/templates-custom/etc/main.cf
nano /etc/e-smith/templates-custom/etc/main.cf/00template_vars
We modify this section, the line with the “Add this here” comment must be inserted.
According to this guide, this file will have the list of users /etc/postfix/restricted_senders:
@smtpd_relay_restrictions = (
'check_client_access cidr:/etc/postfix/access.cidr',
'check_sender_access hash:/etc/postfix/restricted_senders', # <- Add this here
'permit_mynetworks',
'permit_sasl_authenticated',
'reject_unauth_destination',
'reject_unverified_recipient',
);
Also we create a new template file, to define our reject class and file:
mkdir -p /etc/e-smith/templates-custom/etc/postfix/main.cf/
nano /etc/e-smith/templates-custom/etc/postfix/main.cf/55restriction_classes
In 55restriction_classes we define a restriction class, in this case we will reject any email, except for those email domains that comply we regex expressions:
#
# custom
# 55restriction_classes
#
smtpd_restriction_classes = local_only
local_only = pcre:/etc/postfix/local_domains, reject
Next is creating the local domain template file:
mkdir -p /etc/e-smith/templates-custom/etc/postfix/local_domains/
nano /etc/e-smith/templates-custom/etc/postfix/local_domains/10local_domains
As it is explained here, we define the email domains that will be allowed, any other email will be rejected by default. As @saitobenkei explained, we can define other domain like this /onedomain\.com$/ OK
#
# custom
# 10local_domains
#
# Insert the TLD as regular expression
# because the format file doesn't accept TLD directly
#
# In case, insert other lines as regular expression too
#
# http://www.postfix.org/access.5.html
/\.cu$/ OK
Finally we define the restricted senders template file:
mkdir -p /etc/e-smith/templates-custom/etc/postfix/restricted_senders/
nano /etc/e-smith/templates-custom/etc/postfix/restricted_senders/10restricted_senders
Here we use this code to get all the users which has enabled the [ Local network only ] checkbox and apply to them the restriction class local_only:
#
# custom
# 10restricted_senders
#
{
use esmith::AccountsDB;
$OUT = '';
foreach (esmith::AccountsDB->open_ro()->get_all_by_prop("type" => "user")) {
if(($_->prop('MailAccess') || '') eq 'private') {
$OUT .= sprintf("%-38s local_only\n", $_->key);
}
}
}
Now that we finished will all the templates, as @saitobenkei explained, we expand the templates and reload postfix.
expand-template /etc/postfix/main.cf
expand-template /etc/postfix/restricted_senders
expand-template /etc/postfix/local_domains
postmap /etc/postfix/restricted_senders
postmap /etc/postfix/local_domains
postfix reload
That’s all, I want to thank @saitobenkei for his support, I think this could be a great feature for mail module. Is there a place to suggest ideas for this?