Postfix: rewriting Return-Path

This is a follow up to a previous (solved) question at

I have managed to strip the sender header, and do other modifications. This is working great now, but still my private email address is shown in the full message in the "Return-Path" header or whatever it is.

If I understood rightly from here and there, Return-Path is not a normal header and therefore I can't change it as I already do for the sender, and that might be the reason why it is not working, as if the rules I set for Return-Path were completely ignored.

What I want to do is be able to send emails from a -say- public email address (eg. from my Google Apps Premier Edition account, which is associated with the address -say-

When I send emails as, for example to forums (or if I register to newsletters, services, etc), I don't want my private email address (which is made of name+surname) to be shown anywhere.

So, the question is: how can I make sure (with my postfix server, used as relay for Google Apps PE), that the "Return-Path" shows the email address I am sending the email from, rather then the default/primary email address?

Thanks in advance.
Who is Participating?
Maciej SsysadminCommented:
sender_canonical_maps = hash:/path/to/canonical.file

/path/to/canonical.file should contain:

After saving file, run: postmap /path/to/canonical.file

From now on, every email sent via your postfix, with email addres as sender, will be rewriten to
SisupoikaAuthor Commented:
Hi oklit,

many thanks for your quick response.
So, I created that file, added the sender_canonical_maps line to, and run the postmap command.
Unfortunately it doesn't seem to work for some reason, because emails get stuck in the queue; if I comment out the sender_canonical_maps in, then emails get delivered again.
What could it be? Please find attached the content of my

# See /usr/share/postfix/ for a commented, more complete version
# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
#myhostname =
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = $myhostname, localhost.$mydomain, $mydomain
mynetworks = [::ffff:]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination
header_checks = regexp:/etc/postfix/maps/header_checks
sender_canonical_maps = hash:/etc/postfix/

Open in new window

SisupoikaAuthor Commented:
Sorry, made a little mistake while doing copy&paste.

The last line complete is sender_canonical_maps = hash:/etc/postfix/canonical
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Maciej SsysadminCommented:
Please provide appropriate part of your maillog.
SisupoikaAuthor Commented:
Great, I restarted postfix again and it's working now! The return path shows the address I specified in the canonical file and not the other private address.

So, the points are yours already, but before closing, one last addition if you don't mind :)

As it is now, it is perfect if I use one additional address in Google Apps, apart from the main one.
So I have my personal, private address (for friends etc only), and the other one for forums, newsletters etc.
What if I want to use, within the same Google Account, also an address I use for work?
How should I do for the mapping? I am a bit confused in this case because the main address would be the same.
So I have now in the canonical file:

and ...?
Maciej SsysadminCommented:
Oops.. I forgot to write, that you have to do postfix reload :)

You can't rewrite one 'source' address to multiple 'destination' addresses.
SisupoikaAuthor Commented:
Hi, thanks again. Aren't there any built in variables I can use?
Something like  $senderEmailAddress

where $senderEmailAddress is the email address from which the mail has been sent to?
Maciej SsysadminCommented:
Unfortunately no.

Probably you should be able to do this in some other way (but it's not an elegant solution). You should run another postfix instance on some other port (ie. 2525) - you can do this by editing file and adding there proper lines (similar to line starting with 'smtp  inet...'). This new instance should use another file for canonical rewrites (you can define it with "-o sender_canonical_maps = hash:/some/other/canonical_file". Of course you should have your second address defined.
With this solution you have to remember to send some emails via 'default' configuration (via port 25), and other emails via this alternate configuration (which listens on 2525).
SisupoikaAuthor Commented:
Ok, I got it. Many, many thanks for your help mate!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.