Getting postfix to support relaying based on sender address

I have a linux box that acts as my voice-, mail-, print- and general network server.

To speed up local email access within all the email clients on my local network, I've set up this server as an SMTP server that just relays all messages through my ISP.

Recently, though, I've changed ISP's to Telkom 8ta, and they no longer let me relay email through them.. so I've had to change my configuration.

Having just finished making the changes work, I thought I'd share the results, and an interesting consequence.

The current configuration: - All email's are now forwarded to the email server that corresponds to the from address. - When sending messages from my gmail user accounts, this has the advantage of storing a copy of my outgoing message in my sent folder.

The solution:

Mostly gleaned from this ubuntu tutorial.

With other help from this server fault article.

And it now works!

My main.cf portion of interest:

#SASL security / authentication
smtp_use_tls=yes
smtp_sasl_password_maps=hash:/etc/postfix/sasl/security
smtp_sasl_auth_enable=yes

# optional: necessary if email provider
# requires passwords sent in clear text
smtp_sasl_security_options = noanonymous

# optional: necessary if email provider uses load balancing and
# forwards emails to another smtp server
# for delivery (ie: smtp.yahoo.com --> smtp.phx.1.yahoo.com)
smtp_cname_overrides_servername = no

smtp_pix_workarounds =

smtp_sender_dependent_authentication = yes
sender_dependent_relayhost_maps = hash:/etc/postfix/relayhost_map

# Gmail relay
relayhost = [smtp.gmail.com]:587

Which sets up gmail as my default relay, if no other is provided.

My /etc/postfix/relayhost_map has multiple entries of the form:

@domain1.com    [smtp.domain1.com]:26

If there is no entry, then gmail is used.

My /etc/postfix/sasl/security has entries (that match the relayhost_map) that look like:

user1@isp1.com      user1@isp1.com:password4isp1

and ends with

[smtp.gmail.com]:587    myaddress@gmail.com:mygmailpassword

To provide the default gmail login details

Other pages that helped:

Extra: Getting gmail and other CA signed transactions to stop complaining, I used the advice in
this link (with the exception that I edited my certificate file with vi!)