I don't think that you might be needing courier (do you mean courier-imap?) since as I'm seeing it, what you needed is only an SMTP gateway to filter incoming mails against SPAM and malware and clean mails forwarded to your Exchange server and hence you won't need mailboxes created here and mails stored which is the job of courier-imap.
Here are the components of a Postfix-based anti-spam gateway:
1. Postfix MTA
2. Amavisd-new
3. SpamAssassin
4. ClamAV
5. Options: Postgrey and DKIM (DomainKeys Identified Mails)
Postfix can be installed simply using your package manager and it can be with TLS and SMTP-auth enabled depending on you. Although, with TLS enabled and using only a self-signed certificate, it will work only for incoming mails and not when you are sending to other MTA or SMTP servers.
SMTP-auth will use both OpenSSL and Cyrus-SASL libraries to handle and secure users' remote authentication and this could be used by your mobile users sending mails (relaying) through your SMTP server and protecting it further against unauthorized SMTP relaying. In this way, your mobile users will be able to relay through your SMTP where ever they are. There are several how-to on the web adding SMTP-auth in postfix.
Amavisd-new would use in addition the external services of SpamAssassin and ClamAV to sanitize messages and brings to quarantine bad mails. Amavisd-new can be either installed via a package or from source. When installing from source, simply follow the instructions in the INSTALL file and MTA specific instructions in README_FILES/ directory.
This website has a portion on how to install amavisd-new, spamassassin and clamav -
www.postfixvirtual.net
Tell postfix to transport your messages to Exchange:
Code:
/etc/postfix/main.cf:
transport_maps = hash:/etc/postfix/transport
/etc/postfix/transport:
domain.com smtp:[ip.add.of.exchange]
If you want to prevent backscatters or email dictionary attacks:
Code:
/etc/postfix/main.cf:
relay_recipient_maps = hash:/etc/postfix/relay_recipients
/etc/postfix/relay_recipients:
user1@domain.com OK
user2@domain.com OK
all of your exchange accounts must be listed here
Then do the following:
Code:
# postmap /etc/postfix/transport
# postmap /etc/postfix/relay_recipients
# postfix reload
Repeat all the above every time the files has changed.
To repel fictitious and non-fully qualified HELO used by spammers:
Code:
/etc/postfix/main.cf:
smtpd_helo_required = yes
smtpd_helo_restrictions =
permit_mynetworks
reject_invalid_hostname
reject_non_fqdn_hostname
If SMTP-auth is installed, add on the above permit_sasl_authenticated.
Code:
smtpd_helo_restrictions =
permit_mynetworks
permit_sasl_authenticated
reject_invalid_hostname
reject_non_fqdn_hostname
To add postgrey, simply refer to its website for the instructions or simply follow its instructions that goes with its source.
postfix.org has several how-to for integrating postfix, amavisd-new, spamassasin and clamav on a Linux/BSD systems.
Then you can tell exchange to use the [ip.of.your.postfix] for its external deliveries so that all messages would first pass through it for sanitation before being sent outside to protect you from shame.
----
GANI
