LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 05-21-2008, 08:06 PM   #1
jstephens84
Senior Member
 
Registered: Sep 2004
Distribution: (Home)Opensolaris, Ubuntu, CentOS, (Work - AIX, HP-UX, Red Hat)
Posts: 2,043

Rep: Reputation: 83
Postfix, Courier, Spamassassin, and Exchange


Hey Guys looking for a way to integrate postfix, courier, spamassassin and my exchange box together. Basically I am trying to create my own home brew Barracuda. However I am not sure How to go about it. I am sure I need to set postfix as a gateway and then have courier receive it after spamassassin has it's way with the email then have postfix relay it to my exchange. Any help or pointers will be of value.
 
Old 05-22-2008, 05:19 AM   #2
gani
Member
 
Registered: Jun 2004
Location: Metro Manila, Philippines
Distribution: OpenBSD, Slackware, XP
Posts: 347

Rep: Reputation: 31
I don't think that you might be needing courier (do you mean courier-imap?) since as I'm seeing it, what you needed is only an SMTP gateway to filter incoming mails against SPAM and malware and clean mails forwarded to your Exchange server and hence you won't need mailboxes created here and mails stored which is the job of courier-imap.

Here are the components of a Postfix-based anti-spam gateway:

1. Postfix MTA
2. Amavisd-new
3. SpamAssassin
4. ClamAV
5. Options: Postgrey and DKIM (DomainKeys Identified Mails)

Postfix can be installed simply using your package manager and it can be with TLS and SMTP-auth enabled depending on you. Although, with TLS enabled and using only a self-signed certificate, it will work only for incoming mails and not when you are sending to other MTA or SMTP servers.

SMTP-auth will use both OpenSSL and Cyrus-SASL libraries to handle and secure users' remote authentication and this could be used by your mobile users sending mails (relaying) through your SMTP server and protecting it further against unauthorized SMTP relaying. In this way, your mobile users will be able to relay through your SMTP where ever they are. There are several how-to on the web adding SMTP-auth in postfix.

Amavisd-new would use in addition the external services of SpamAssassin and ClamAV to sanitize messages and brings to quarantine bad mails. Amavisd-new can be either installed via a package or from source. When installing from source, simply follow the instructions in the INSTALL file and MTA specific instructions in README_FILES/ directory.

This website has a portion on how to install amavisd-new, spamassassin and clamav - www.postfixvirtual.net

Tell postfix to transport your messages to Exchange:

Code:
/etc/postfix/main.cf:

transport_maps = hash:/etc/postfix/transport

/etc/postfix/transport:

domain.com   smtp:[ip.add.of.exchange]
If you want to prevent backscatters or email dictionary attacks:

Code:
/etc/postfix/main.cf:

relay_recipient_maps = hash:/etc/postfix/relay_recipients

/etc/postfix/relay_recipients:

user1@domain.com     OK
user2@domain.com     OK
all of your exchange accounts must be listed here
Then do the following:

Code:
# postmap /etc/postfix/transport
# postmap /etc/postfix/relay_recipients
# postfix reload
Repeat all the above every time the files has changed.

To repel fictitious and non-fully qualified HELO used by spammers:

Code:
/etc/postfix/main.cf:

smtpd_helo_required = yes
smtpd_helo_restrictions =
        permit_mynetworks
        reject_invalid_hostname
        reject_non_fqdn_hostname
If SMTP-auth is installed, add on the above permit_sasl_authenticated.

Code:
smtpd_helo_restrictions =
        permit_mynetworks
        permit_sasl_authenticated
        reject_invalid_hostname
        reject_non_fqdn_hostname
To add postgrey, simply refer to its website for the instructions or simply follow its instructions that goes with its source.

postfix.org has several how-to for integrating postfix, amavisd-new, spamassasin and clamav on a Linux/BSD systems.

Then you can tell exchange to use the [ip.of.your.postfix] for its external deliveries so that all messages would first pass through it for sanitation before being sent outside to protect you from shame.

----
GANI
 
Old 05-22-2008, 09:42 AM   #3
jstephens84
Senior Member
 
Registered: Sep 2004
Distribution: (Home)Opensolaris, Ubuntu, CentOS, (Work - AIX, HP-UX, Red Hat)
Posts: 2,043

Original Poster
Rep: Reputation: 83
That is awesome. Thanks for the help. Not sure if I said this or not but I plan on using Debian etch for this so that should make life somewhat easier. Thanks for the great head start. I also do see what you mean. I don't need procmail or courier since I am only forwarding emails to my exchange server.
 
Old 08-11-2008, 04:31 PM   #4
adilon
LQ Newbie
 
Registered: Aug 2008
Location: Morocco
Distribution: RedHat CentOs, Madriva, Debian, Windows 2003
Posts: 2

Rep: Reputation: 0
Hi there

I'm runing Debian and i want to implement this solution, SpamAssassin acting as gateway for my Exchange Server. this is my arch :

Internet---> Cisco Router---->ASA 5505-------> LAN (Exchange Server)

the Debian Server will be situated in DMZ's ASA branch.

i would like to know if the configuration posted by Gani will work for SpamAssassin under Debian ? can somone confirm or have any other configuration exemple that i can use for my arch.

Thanks & Regards.
--
Adil

Last edited by adilon; 08-11-2008 at 04:35 PM.
 
Old 08-11-2008, 08:38 PM   #5
gani
Member
 
Registered: Jun 2004
Location: Metro Manila, Philippines
Distribution: OpenBSD, Slackware, XP
Posts: 347

Rep: Reputation: 31
https://help.ubuntu.com/community/PostfixAmavisNew
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Book review: Setup and Run a Small Office Email Server Using Postfix, Courier, Procmail, Squirrelmail, Clamav and Spamassassin LXer Syndicated Linux News 0 08-24-2006 09:21 AM
SpamAssassin -> Exchange listlow Linux - Software 4 06-22-2005 02:22 AM
Courier-imap+spamassassin+maildrop jriis Debian 1 03-08-2005 03:48 PM
Spamassassin + Courier Imap + Procmail Savahn Linux - Software 3 01-26-2005 08:40 PM
Postfix as a frontend for Exchange, for Spamassassin jdavidow Linux - Networking 0 09-02-2004 05:48 AM


All times are GMT -5. The time now is 11:40 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration