Postfix: rewriting Return-Path

Posted on 2009-02-13
Last Modified: 2013-11-30
This is a follow up to a previous (solved) question at

I have managed to strip the sender header, and do other modifications. This is working great now, but still my private email address is shown in the full message in the "Return-Path" header or whatever it is.

If I understood rightly from here and there, Return-Path is not a normal header and therefore I can't change it as I already do for the sender, and that might be the reason why it is not working, as if the rules I set for Return-Path were completely ignored.

What I want to do is be able to send emails from a -say- public email address (eg. from my Google Apps Premier Edition account, which is associated with the address -say-

When I send emails as, for example to forums (or if I register to newsletters, services, etc), I don't want my private email address (which is made of name+surname) to be shown anywhere.

So, the question is: how can I make sure (with my postfix server, used as relay for Google Apps PE), that the "Return-Path" shows the email address I am sending the email from, rather then the default/primary email address?

Thanks in advance.
Question by:Sisupoika
    LVL 23

    Accepted Solution

    sender_canonical_maps = hash:/path/to/canonical.file

    /path/to/canonical.file should contain:

    After saving file, run: postmap /path/to/canonical.file

    From now on, every email sent via your postfix, with email addres as sender, will be rewriten to

    Author Comment

    Hi oklit,

    many thanks for your quick response.
    So, I created that file, added the sender_canonical_maps line to, and run the postmap command.
    Unfortunately it doesn't seem to work for some reason, because emails get stuck in the queue; if I comment out the sender_canonical_maps in, then emails get delivered again.
    What could it be? Please find attached the content of my

    # See /usr/share/postfix/ for a commented, more complete version
    # Debian specific:  Specifying a file name will cause the first
    # line of that file to be used as the name.  The Debian default
    # is /etc/mailname.
    #myorigin = /etc/mailname
    #myhostname =
    biff = no
    # appending .domain is the MUA's job.
    append_dot_mydomain = no
    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h
    readme_directory = no
    # TLS parameters
    smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
    smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    mydestination = $myhostname, localhost.$mydomain, $mydomain
    mynetworks = [::ffff:]/104 [::1]/128
    mailbox_size_limit = 0
    recipient_delimiter = +
    smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination
    header_checks = regexp:/etc/postfix/maps/header_checks
    sender_canonical_maps = hash:/etc/postfix/

    Open in new window


    Author Comment

    Sorry, made a little mistake while doing copy&paste.

    The last line complete is sender_canonical_maps = hash:/etc/postfix/canonical
    LVL 23

    Expert Comment

    Please provide appropriate part of your maillog.

    Author Comment

    Great, I restarted postfix again and it's working now! The return path shows the address I specified in the canonical file and not the other private address.

    So, the points are yours already, but before closing, one last addition if you don't mind :)

    As it is now, it is perfect if I use one additional address in Google Apps, apart from the main one.
    So I have my personal, private address (for friends etc only), and the other one for forums, newsletters etc.
    What if I want to use, within the same Google Account, also an address I use for work?
    How should I do for the mapping? I am a bit confused in this case because the main address would be the same.
    So I have now in the canonical file:

    and ...?
    LVL 23

    Expert Comment

    Oops.. I forgot to write, that you have to do postfix reload :)

    You can't rewrite one 'source' address to multiple 'destination' addresses.

    Author Comment

    Hi, thanks again. Aren't there any built in variables I can use?
    Something like  $senderEmailAddress

    where $senderEmailAddress is the email address from which the mail has been sent to?
    LVL 23

    Expert Comment

    Unfortunately no.

    Probably you should be able to do this in some other way (but it's not an elegant solution). You should run another postfix instance on some other port (ie. 2525) - you can do this by editing file and adding there proper lines (similar to line starting with 'smtp  inet...'). This new instance should use another file for canonical rewrites (you can define it with "-o sender_canonical_maps = hash:/some/other/canonical_file". Of course you should have your second address defined.
    With this solution you have to remember to send some emails via 'default' configuration (via port 25), and other emails via this alternate configuration (which listens on 2525).

    Author Comment

    Ok, I got it. Many, many thanks for your help mate!

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    What Is Threat Intelligence?

    Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

    Workplace bullying has increased with the use of email and social media. Retain evidence of this with email archiving to protect your employees.
    Resolve Outlook connectivity issues after moving mailbox to new Exchange 2016 server
    In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
    In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    7 Experts available now in Live!

    Get 1:1 Help Now