0

The Situation

I'm using SpamExperts for email archiving. In order to get a message archived, the message must go trough an SpamExpert's Smarthost before reaching its final destination.

If I want to have all outgoing messages being archived I can use a sender_dependent_relayhost_maps. Right now the relevant part of my main.cf is:

sender_dependent_relayhost_maps = hash:/etc/postfix/securitybox_sender_relay
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/securitybox_passwd
smtp_sasl_security_options =
smtp_sender_dependent_authentication = yes

Now the problem is that if the sender and the reciever are in the same machine, Postfix will use the local transport and the message is not going to be relayed, hence not being archived.

My Question

How can I make that all messages sent from one specific local domain to any local domain (including itself) are relayed through a smarthost before being delivered to the final destination?

Alvaro Flaño Larrondo
  • 91
  • 1
  • 10
  • The domain names listed in `mydestination` in main.cf file get delivered locally. You can try to remove it from there and see if it works the way you want. – Diamond Jan 18 '16 at 08:00
  • The problem is that when I remove them from $mydestination the server will **never** deliver the message to the domain because it does not know that the domain is in that machine. An ideal solution would be that Postfix recognizes that a message is `outgoing` and it has to ve relayed, or the a message is `incoming` and it has to be delivered locally. – Alvaro Flaño Larrondo Jan 18 '16 at 13:53
  • Does Spamexperts implement the milter protocol? Maybe you could use that instead of relaying your mail through it? – moebius_eye Jan 19 '16 at 23:47

2 Answers2

2

This doesn't sound tehnically viable to route internal mails through smarthost, whatever the software is, and the only alternative I can think of is to use some sort of blind-carbon-copy that automatically copies all mails sent internally to an external address.

I have found this article from SpamExperts Knowledgebase, that deals with the same issue, (although it's with Exchange):

Microsoft Exchange internal email archiving

I'm going to quote it here:

When using SpamExperts for both your inbound and outbound email filtering (using the smarthost setup), all external SMTP communication will automatically be archived as part of the domain for which archiving is enabled. However Microsoft Exchange does not relay internal communication via the outgoing smarthost, therefore internal communication will not be archived by default.

Archiving internal communication is simple however, and can be accomplished with the Exchange journaling system. The journaling system allows Exchange to automatically send a copy of all internal communication to an external email address. As long as you've setup the external email address with SpamExperts for archiving, the SpamExperts inbound filter will simply process the message and archives it. You should configure the destination address to which the journaling reports are sent as a whitelisted blackholed recipient. This means for the messages received, no filtering or delivery to an external server takes place. SpamExperts support can help you accomplish this (or you can do so directly via the Software API on our Local Cloud product).

Your Microsoft Exchange administrator will be able to activate journaling for you, to ensure a copy of each email is automatically sent to the archived blackholed recipient.

Similar things can be achieved by using Postfix's sender_bcc_maps and recipient_bcc_maps options. You may have a look at this for a hint:

How can I configure Postfix to retain copies of all email sent through it?

Community
  • 1
Diamond
  • 9,001
  • 3
  • 24
  • 38
  • Thanks for the answer. But it is technically possible using Exim. I've alreday done it adding `condition = ${if !match_domain{$sender_helo_name}{*.spamexperts.com}}` to my router's definition. Maybe Postfix isn't as flexible as Exim and I will end up doing the bcc alternative as you propose. – Alvaro Flaño Larrondo Jan 21 '16 at 16:09
  • Even though it is not the answer I was expecting, I will reward this one the bounty for being the closest one and for providing an alternative solution. – Alvaro Flaño Larrondo Jan 25 '16 at 14:08
1

As far as I know that it not possible. Postfix is unable to know wether that message is an "incoming" or an "outgoing" message, it just sees the message and tries to get it to it's destination. If you would manage to redirect the message (for example using a transport map), then postfix would produce an infinite loop with the other MX. Nobody wants that and that's why it's not possible. It might be possible to use a custom amavis script to achieve what you want but that's a rather dirty solution that might not always work as expected.

Flole
  • 31
  • 4
  • Imanaged to accomplish this on Exim using `condition = ${if !inlist{$sender_host_name}{server1.spamexperts.com:server2.spamexperts.com}}`. Maybe something similar can be done on Postfix? – Alvaro Flaño Larrondo Jan 20 '16 at 13:46