Mandriva 2005 Postfix Anti-Spam, Anti-Virus Relay Server for Exchange Server 2000/2003 - Page 3
STEP 4: Configure Postfix
The steps below outline how to configure postfix to receive e-mail for your Exchange box, forward it to amavisd-new which in turns processes it with spamassasin and razor and if passes all the checks it gets forwarded back to postfix which in turn delivers to your exchange box. a) Issue the following command at your putty prompt to edit your /etc/postfix/main.cf file:
vi /etc/postfix/main.cfHit "i" to edit the file, and make sure the settings below are set obviously substituting your info and/or adding lines as necessary:
# User configurable parameters inet_interfaces = all #mynetworks_style = host local_recipient_maps = delay_warning_time = 4hDo not give out more info to potential hackers than necessary. A lot of people leave the server type and version number on this field. I say, just be as vague as possible. Your choice.
smtpd_banner = yourdomain.tld ESMTP
unknown_local_recipient_reject_code = 550 smtp-filter_destination_concurrency_limit = 2 lmtp-filter_destination_concurrency_limit = 2 smtpd_sasl_path = /etc/postfix/sasl:/usr/lib/sasl2 recipient_delimiter = + owner_request_special = no alias_maps = hash:/etc/postfix/aliases, hash:/var/lib/mailman/data/aliases content_filter = smtp-amavis:[127.0.0.1]:10025 receive_override_options = no_address_mappings #empty_address_recipient = header_checks = regexp:/etc/postfix/header_checks message_size_limit = 1024000In the following line you specify the domains that you will allow this server to relay mail for. Be careful here. Limit this to only your domains or you risk of becoming an open relay!
relay_domains = yourdomain.tld, anotherdomain.tldObviously your domain name goes here. Multiple domains can go there separated by commas
mydomain = yourdomain.tldEnter the FQDN for your box here
myhostname = hostname.yourdomain.tldIn this field, ensure that you put in the IP address of your exchange server and your domain name.
mynetworks = 192.168.1.10/32, yourdomain.tldThis field actually makes the whole relay thing work. Make a note of the file and the path, we'll deal with it further down.
transport_maps = hash:/etc/postfix/transport
#myorigin = queue_minfree = 0Enter RBL lists in the following field. Please be very careful which lists you pick. Some lists are ran by tyrrants and sometimes legitimate server go on there. Also, keep in mind, any e-mail matched to a list gets rejected at the door. Which means it doesn't even get to your server which means the user or you will NEVER see that e-mail. Be very wise about which lists you pick.
maps_rbl_domains = sbl.spamhaus.org, relays.ordb.org, opm.blitzed.org, dun.dnsrbl.net
smtpd_helo_restrictions = permit_mynetworks, warn_if_reject, reject_non_fqdn_hostname, reject_maps_rbl
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, reject_non_fqdn_recipient
smtpd_sender_restrictions = reject_unauth_pipelining, reject_unknown_sender_domain, reject_non_fqdn_sender
The field below is very very important. Make a note of it and we'll deal with it further down this guide.
relay_recipient_maps = hash:/etc/postfix/exchange_recipientsOnce done with the editing, hit SHIFT, ZZ to save the file. b) Next issue the following command at your putty prompt where yourdomain.com is the name of the domain this server is going to be relaying e-mail for and 192.168.xxx.xxx is the actual IP address of your exchange server. You can add as many domains as you like.
echo "yourdomain.com smtp:[192.168.xxx.xxx]" >> /etc/postfix/transportThe following command will tell postfix to accept e-mail for ALL domains. I DO NOT recommend you process the following command unless you are 150% sure you know what you are doing. I merely put it there for reference.
echo "* smtp:[192.168.xxx.xxx]" >> /etc/postfix/transportAfter you add the previous line(s) in your transport file, issue the following commands. One command per line:
service postfix restart
You should first see the message â€œpostfix/postfix-script: refreshing the Postfix Mail systemâ€? and then â€œShutting Down postfixâ€? and â€œStarting Postfixâ€?. You should see no errors during this. If you do, go back and fix them. Then do the postfix reload and the service postfix restart commands again and look for error. If no error, life is good! Proceed to next step.