Re: dedicated antivirus and anti spam

• Previous message: Alexandre Balistrieri: "Re: dedicated antivirus and anti spam"
• Maybe in reply to: cachak: "dedicated antivirus and anti spam"
• Next in thread: mouss: "Re: dedicated antivirus and anti spam"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

cachak wrote:
> hello
> i have to server
> one server for mail server with :
> -postfix
> -maildrop
> -courier-auth
> -courier-imap
> -saslautd
>
> and other server for content filtering(antivirus and spam) with :
> -amavisd
> -kaspersky
> -spamassasin
>
> if antivirus and mta in one server, mail server is fine, and my
> configure in main is :
> content_filter=smtp-amavis:[127.0.0.1]:10024
> and in master.cf
> smtp-amavis unix - - n - 2 lmtp

calling an lmtp based transport smtp-amavis is asking for trouble... if
using lmtp, better name it lmtp-amavis and adjust the conten_filter
accordingly).
> -o lmtp_data_done_timeout=1200
> -o lmtp_send_xforward_command=yes
>
> 127.0.0.1:10025 inet n - n - - smtpd
> -o content_filter=
> -o local_recipient_maps=
> -o relay_recipient_maps=
> -o smtpd_restriction_classes=
> -o smtpd_client_restrictions=
> -o smtpd_helo_restrictions=
> -o smtpd_sender_restrictions=
> -o smtpd_recipient_restrictions=permit_mynetworks,reject
> -o mynetworks=127.0.0.0/8
> -o strict_rfc821_envelopes=yes
> -o smtpd_error_sleep_time=0
> -o smtpd_soft_error_limit=1001
> -o smtpd_hard_error_limit=1000
>
>
> if i m use dedicated content filter i dont know to configure
> how to configure in main.cf,master.cf(server one) and in server two
>
> server one is with ip public
> server two with ip private

you need to

- set the content filter to be the remote amavisd. something like
content_filter=smtp-amavis:[192.168.9.10]:10024
where 192.168..9.10 is an IP of the remote filtering box.

- in master.cf, replace lmtp with smtp in the definition of smtp-amavis.
change the options too (lmtp options would be useless in an smtp
transport). please take a look at the amavisd-new README.postfix (the
old and the new): you'll find useful options to add to your transport.

- replace 127.0.0.1:10025 by 192.168.9.1:10025, where 192.168.9.1 is an
IP of the postfix server (reachable from the LAN side).

- configure amavisd on the remote machine to listen on 192.168.9.10
(instead of 127.0.0.1). for this, set
$inet_socket_bind = '192.168.9.10'. (you don't need the unix socket
anymore, since you will be using smtp over TCP).

- configure amavisd to forward mail back to 192.168.9.9 port 10025
(where 192.168.9.9 is an IP of the postfix server). for this, set
$forward_method = 'smtp:[192.168.9.1]:10025

check amavid

• Previous message: Alexandre Balistrieri: "Re: dedicated antivirus and anti spam"
• Maybe in reply to: cachak: "dedicated antivirus and anti spam"
• Next in thread: mouss: "Re: dedicated antivirus and anti spam"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]