I would like to add a virtual host/domain with several mailboxes on Postfix where the users can only send mail to addresses with a specific domain hosted on the same Postfix instance.
The scenario here is that I have a bunch of internal servers and applications that all run under "appname.local.domain.tld". I would like to allow these applications to only send mail from [email protected] to mailboxes at [email protected]. Destinations other than *@domain.tld should not be allowed for mail originating from *@local.domain.tld. This is to prevent data leaks from a misconfigured application (or an application under attack) and to make sure that all mail from these systems stays within the organization.
Mail for both *@domain.tld and *.local.domain.tld is handled by the same Postfix instance. Mail from *@domain.tld should obviously not be impacted by the restrictions defined above.
How can I configure Postfix to achieve the scenario stated above?
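
One way to express the policy described in the question, using Postfix restriction classes. This is an added example, not part of the original post; the class name `internal_only` and the map file paths are assumptions, and the `permit_*` rules stand in for whatever the instance already uses.

```conf
# --- /etc/postfix/main.cf (excerpt) ---
# Restriction class (the name "internal_only" is an assumption): accept only
# recipients listed in the recipient map, reject everything else.
smtpd_restriction_classes = internal_only
internal_only =
    check_recipient_access hash:/etc/postfix/internal_recipients,
    reject

# The sender lookup comes first so that restricted senders are handed to the
# class before any generic permit_* rule can let the message through.
# Senders not listed in the map (e.g. *@domain.tld) fall through unchanged.
smtpd_recipient_restrictions =
    check_sender_access hash:/etc/postfix/restricted_senders,
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination

# --- /etc/postfix/restricted_senders ---
# Envelope senders in this domain are evaluated by the class. With the
# default parent_domain_matches_subdomains setting (which includes
# smtpd_access_maps) this also covers appname.local.domain.tld.
local.domain.tld    internal_only

# --- /etc/postfix/internal_recipients ---
# Only recipients in the organization's domain are accepted. With the same
# default, subdomains such as local.domain.tld match as well.
domain.tld          OK

# After editing the maps, rebuild them and reload Postfix:
#   postmap /etc/postfix/restricted_senders
#   postmap /etc/postfix/internal_recipients
#   postfix reload
```

The envelope sender is chosen by the submitting client, so this rule alone only constrains applications that keep their configured sender address. To cover an application under attack, key the same class on something the client cannot change, such as `check_client_access` on the application servers' addresses, or bind senders to SASL logins with `reject_sender_login_mismatch`.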