How do I configure Postfix to reject mail from a local domain when not from localhost?

This is almost what I want, but maybe not quite. And something is certainly missing from the instructions because I tried that to no avail.

I'm running Alpine linux in a Docker container to figure out how to actually get all my services setup. I've done:

docker run --name local -it -p 2500:25 alpine sh
/ # apk update && apk add postfix

I've changed the default main.cf to have:

myhostname = test.example.com

In trying to follow along with the linked post, I added

submission inet n       -       n       -       -       smtpd
 -o smtpd_recipient_restrictions=permit_mynetworks,reject_unauth_destination,check_sender_access hash:/etc/postfix/localdomains

To my master.cf. I also have this:

/ # cat /etc/postfix/local_domains
test.example.com REJECT

So in general, I'm not sure how much I care about 587 (though that could be nice). The only people who will be sending email through my postfix instance will be doing so from the box that postfix is running on.

If I have postfix running on the server, here's an example of what I want to fail:

(from the machine hosting docker):

$ telnet $(docker-machine ip dev) 2500
EHLO whatever
MAIL FROM: whatever

Ideally it should fail right there. I don't want to be able to get mail with no name unless I'm connecting from 127.0.0.1. I'm not sure if I want to reject [email protected] as ultimately I will have a relay server on the public inteet (because my ISP blocks ports 25 and 80 unless you pay $300/mo for the "business" inteet), but I could live without it.

How can I tell postfix that if the client IP is anything but 127.0.0.1, that there must be a domain on the MAIL FROM:?

Recent Questions...