Multiple methods exist for rewriting email headers in Postfix to modify sender or recipient addresses. The appropriate configuration depends on the Postfix version and desired scope of application.

1. Using smtp_generic_maps

This parameter is analogous to sendmail's address masquerading, rewriting addresses for emails sent via SMTP to external domains. It does not effect local mail delivery. Add the following line to /etc/postfix/main.cf:

smtp_generic_maps = hash:/etc/postfix/generic_map

Create the map file /etc/postfix/generic_map with content like:

user@original-domain.local    user@public-domain.com
@internal-domain.local        @external-provider.example

After creating or modifying the map file, generate the hash database:

postmap /etc/postfix/generic_map

2. Using sender_canonical_maps

In some Postfix versions, particularly older ones, smtp_generic_maps may not function as expected. An alternative is to use sender_canonical_maps, which specifically rewrites sender addresses. Add the following line to /etc/postfix/main.cf:

sender_canonical_maps = hash:/etc/postfix/sender_canonical

Create the map file /etc/postfix/sender_canonical with a similar format:

root@internal-host.example.com   alerts@company.com
@subdomain.example.net            @primary-domain.com

Generate the hash database:

postmap /etc/postfix/sender_canonical

3. Using header_checks with PCRE

For more granular control, such as rewriting only the From: header using regular expressions, use the header_checks parameter. Add the following line to /etc/postfix/main.cf:

header_checks = pcre:/etc/postfix/header_rewrite_rules

Create the file /etc/postfix/header_rewrite_rules with a pattern like:

/^From:(.*)[<]([\w\.\-]+)\@source\.example[>]/i REPLACE From:$1<$2@target.example>

Reload Postfix after any changes to this file:

service postfix reload

4. Controlling Header Rewrite Scope

By default, Postfix 2.2 and later only rewrites headers for emails originating from specific clients. To apply header rewrites universally (e.g., for emails sent from webmail clients and desktop clients like Outlook), add the following parameter to /etc/postfix/main.cf:

local_header_rewrite_clients = static:all

Without this setting, rewrites configured via smtp_generic_maps or canonical maps may not apply to headers in emails from remote SMTP clients, resulting in unchanged From: and To: addresses in the recipient's view.

5. Complete Rewrite Configuration Example

A consolidated setup for comprehensive header rewriting might include: In /etc/postfix/main.cf:

smtp_generic_maps = hash:/etc/postfix/generic_map
sender_canonical_maps = hash:/etc/postfix/sender_canonical
local_header_rewrite_clients = static:all

Create identical (or tailored) map files /etc/postfix/generic_map and /etc/postfix/sender_canonical:

admin@private-network.local      support@public-domain.org
@legacy-domain.int               @current-domain.com

Generate the databases and restart Postfix:

postmap /etc/postfix/generic_map
postmap /etc/postfix/sender_canonical
systemctl restart postfix  # or service postfix restart

Note: A configuration using local_header_rewrite_clients = static:all will apply rewrites to all emails processed by the server, including internal mail. To restrict rewrites to specific networks or authenticated clients, use a more selective value, such as permit_mynetworks, permit_sasl_authenticated.