0

I'm trying to configure Postfix to act as an anti-spam/anti-virus service, running on a Ubuntu 14.04 server on AWS.

In the office we run Microsoft Exchange 2010 so I just want Postfix to receive all emails, run the appropriate scans, and then forward it onto the Exchange server, maintaining the destination address.

I've been trying for about a day to get this all configured but I constantly come across an issue of having to define every email address for Postfix, either via UNIX accounts, or in an aliases file of some sort. I don't want to have create/define each email address in the Postfix configuration every time a new user starts or leaves.

I'm happy to post various parts of my current configuration if required, but if someone could point me in the direction of a README or Tutorial on how to achieve what I need that would be much appreciated.

Thanks

Andy Esser
  • 3
  • 1
  • To enable postfix to limit the users, you will need to allow it to have access to the users. Maybe you can configure postfix to access your Excahnge server by LDAP ? – Dom Sep 08 '15 at 08:42
  • I don't want to limit users - I just want Postfix to forward the email onto my Exchange server maintaining the same recipient address as it received it – Andy Esser Sep 08 '15 at 09:19
  • Sounds like you want to verify recipient addresses by calling ahead to the Exchange server - see http://www.postfix.org/ADDRESS_VERIFICATION_README.html#recipient for suggestions on how to do this. – Paul Haldane Sep 08 '15 at 09:39
  • Have you tried this: http://serverfault.com/questions/266855/how-to-redirect-all-mail-from-one-domain-to-another-in-postfix – Tommy Burazin Sep 08 '15 at 09:46

2 Answers2

0

as Paul said, address verification will do the job. You can rather let it be done by checking the exchange host if it would acept the recipientor configure the address_verify_map to use a ldap request to your active directory. Valid postboxes can be identified with this pattern (&(objectClass=user)(mail=*)). More information about the matching of mail accounts can be found here How To Find Mail/Mailbox-Enabled Users in the Active Directory.

--TheDoctor

Dr. Seltsam
  • 1
0

From what I get of your question, it seems you are trying to basically forward all mail entering postfix to your exchange server, without any verification of the actual destination addresses (but some anti-spam filtering).

There are two things to configure for that

  • You need to have postfix accept to act as a relay host for your users. By default, this is severly restricted by smtpd_relay_restrictions, so you will need to set either set it to a value more permissive, or add all possible recipient domains to relay_domains.
  • You need to have postfix not actually attempt to deliver the message to the real destination, but instead forward it to a host of your choosing. This is easily configured by using a transport map or the simpler relayhost parameter.

Note that a side effect of postfix being placed as a frontend to exchange will be that any error (non-existent user for instance) will be generated by exchange, therefore bouncing at that point. This is usually not the best situation, and you might want to consider adding a forward verification in postfix, as was indicated in the other answers.

eltrai
  • 1,043
  • 9
  • 13
  • Hi eltrai - this is exactly what I ended up doing. I had smtpd_relay_restrictions set as the default (which only allows authorised destinations) which I did via relay_domains (this was the main bit of config I was missing). And the transport map has a list of accepted domains and where to relay them to. Thanks very much – Andy Esser Sep 09 '15 at 15:13