|
|
|
|
| |
| Support |
| Knowlege Base |
| |
|
Search our Knowledge Base for technical articles. This database may contain information sourced from other sites.
You can enter up to 100 characters in your search term. We continue to add articles in this database as we encounter issues in our support work.
If you are directed to this page to start a support session click on the logo below. You will be prompted to install a file. Please follow the directions provided by support.
|
| |
| Use psotfix as a Mail Relay server |
To use postfix for relaying mail to an internal host, you simply need to:
1. Add a line to /etc/postfix/transport:
* smtp:[<internal mail server>]
(the '[' and ']' around the internal mail server name or IP address
disable any MX lookups for this server and therefore are more robust
against DNS breakage - the firewall can deliver mail to the internal
host even if the internal DNS zone contains errors).
2. Run:
postmap /etc/postfix/transport
3. Add the following entries (or change existing ones) to
/etc/postfix/main.cf:
transport_maps = hash:/etc/postfix/transport
myhostname = <hostname of the firewall as seen from the Internet>
myorigin = <hostname of the firewall as seen from the Internet>
mydestination = localhost, <your email domain>
maps_rbl_domains =
relays.ordb.org
list.dsbl.org
orbs.dorkslayers.com
dev.null.dk
bl.spamcop.net
relays.visi.com
proxies.relays.monkeys.com
spews.relays.osirusoft.com
sbl.spamhaus.org
dsn.rfc-ignorant.org
smtpd_client_restrictions =
permit_mynetworks
reject_maps_rbl
# this would not let clients connect whose host name cannot be resolved
# reject_unknown_client
smtpd_helo_restrictions =
permit_mynetworks
reject_invalid_hostname
# might enable these again
# reject_non_fqdn_hostname
# reject_unknown_hostname
smtpd_sender_restrictions = permit_mynetworks
reject_unknown_sender_domain
reject_non_fqdn_sender
# reject_invalid_hostname would not allow email to be sent from some
# dialups
# reject_invalid_hostname
# permit
smtpd_recipient_restrictions =
permit_mynetworks
permit_mx_backup
reject_unknown_recipient_domain
reject_non_fqdn_recipient
reject_unauth_destination
strict_rfc821_envelopes = yes
smtpd_recipient_limit = 100
biff = no
local_transport = error:local mail delivery is disabled on this machine
notify_classes = resource, software, 2bounce
(These are settings that we use on our production email server at
gibraltar.at, so they have proven to be stable. You might of course want
to change some options to suit your needs, Timo Metzemakers has also
posted a very good set of rules.)
4. Change "ENABLED=0" to "ENABLED=1" in /etc/default/spamassassin
5. Enable the entry for spamassassin in /etc/runlevel.conf by removing
the '#' in front of it.
6. Enable the smtpd entry with option "-o content_filter=filter" and
disable the other smtpd entry in /etc/postfix/master. You can also
disable the entry for local. This enables the use of the Anti-SPAM
filter whenever an email is received.
7. Run
/etc/init.d/spamassassin start
/etc/init.d/postfix restart
8. Test, test, test :)
Postfix should only accept emails for the configured domains
(mydestination in /etc/postfix/main.cf) and should now forward them to
the internal mail server. SPAM mails will also be tagged as such (a
changed subject line and additional mail headers) and can therefore
easily be filtered on the mail server or in the mail reader.
|
| Link |
|
| File |
|
| |
|
|
|
|
|
