Postfix Mail Gateway Agent Outlook

1. Components

Operating system centos5.4

Postfix:mta

CLAMD: Anti-Virus engine

SpamAssassin: Anti-spam

Amavisd-new: Middleware between the Mail proxy Server (MTA) and antivirus software

Fail2ban: Preventing mailbox Brute Force cracking

2. Working principle

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/59/E0/wKioL1TukjbQ14n5AAC9vajd2qY593.jpg "title=" principle. jpg "alt=" Wkiol1tukjbq14n5aac9vajd2qy593.jpg "/>

Step one: Postfix receive mail (MTA)

postfix, through the port, accept all mail

Step two: Mail to amavisd-new

Amavisd-new is responsible for calling CLAMD to virus scan the message, responsible for calling SpamAssassin to filter the contents of the message, amavisd-new through the 10025 port back to Postfix

Step three: Mail back to postfx

Fourth step:postfix is passed to exchange

3. installation process

Stop the SendMail service to prevent 25 port occupancy

(1) Set CDROM source and Epel source, this step omitted

(2) Yum installed postfix,fail2ban

# yum–y Installfail2ban

# Servic Fail2ban Start

# yum–y Install Postfix

(3) Yum installation install virus filtering component CLAMD

#groupadd ClamAV

#useradd-G clamav-s/sbin/nologin-m ClamAV

#groupadd Amavis

#useradd-G amavis-s/sbin/nologin-m Amavis

#yum Install CLAMD

#vim/etc/clamd.conf

Modify

User Amavis

#chown-R Amavis.amavis/var/log/clamav

#chown-R Amavis.amavis/var/run/clamav

#service CLAMD Start

# vim/etc/freshclam.conf

Modify

Databaseowneramavis

#chown-R Amavis.amavis/var/lib/clamav

#freshclam

(4) Yum installs anti-spam SpamAssassin

#yum Install SpamAssassin

#vim/ETC/MAIL/SPAMASSASSIN/LOCAL.CF

####### #new ###################

required_score5.0

Rewrite_headersubject ****spam****

Report_safe 1

Use_bayes 1

Bayes_auto_learn 1

Skip_rbl_checks 1

Use_razor2 0

Use_pyzor 0

Ok_locales All

#service SpamAssassin Start

(5) Yum installation amavisd-new

#yum Install Amavisd-new

#gpasswd-a ClamAV Amavis

#usermod-G Amavis ClamAV

#chown AMAVIS.AMAVIS/VAR/SPOOL/AMAVISD

#chown amavis.amavis/var/spool/amavisd/tmp

#chmod 750/var/spool/amavisd/tmp

#vim/etc/amavisd/amavisd.conf

Modify

$daemon _user = ' Amavis ';

$daemon _group= ' Amavis '; groups and accounts are created automatically #yum installation

$mydomain = ' example.com '; # mail domains for Exchange or other messaging systems

$myhostname = ' mail.example.com '; # Exchange Domain

$virus _admin = "postmaster\@ $mydomain";

$mailfrom _notify_admin = "postmaster\@ $mydomain";

$mailfrom _notify_recip = "postmaster\@ $mydomain";

$mailfrom _notify_spamadmin= "postmaster\@ $mydomain";

virus_admin_maps=> ["postmaster\@ $mydomain"], (Specify the identity of the user who sent the system mail when the virus and spam are reported)

Spam_admin_maps = ["postmaster\@ $mydomain"],

####### #NEW ##########

[' Clamav-clamd ',

\&ask_daemon, ["Contscan {}\n", "/var/run/clamav/clamd.sock"],

qr/\bok$/m, qr/\bfound$/m,

Qr/^.*?: (?! Infected Archive) (. *) found$/m],

#service AMAVISD Start

(6) Postfix associated clam, SpamAssassin and amavisd-new

# VIM/ETC/POSTFIX/MASTER.CF

########## #add #############

Amavisfeed Unix--n-2 SMTP

-osmtp_data-done_timeout=1200

-odisable_dns_lookup=yes

127.0.0.1:10025 inet n-n--SMTPD

-ocontent_filter=

-olocal_recipient_maps=

-orelay_recipient_maps=

-osmtpd_restriction_classes=

-osmtpd_client_restrictions=

-osmtpd_helo_restrictions=

-osmtpd_sender_restrictions=

-osmtpd_recipient_restrictions=permit_mynetworks,reject

-omynetworks=127.0.0.0/8

-ostrict_rfc821_envelopes=yes

# VIM/ETC/POSTFIX/MAIN.CF

Smtpd_client_restrictions =

Reject_rbl_client rbl.anti-spam.cn

Content_filter = amavisfeed:[127.0.0.1]:10024

receive_override_options= no_address_mappings

# service Postfix Start

# NETSTAT-NLTP

Activeinternet connections (only servers)

Protorecv-q send-q Local Address Foreign address State Pid/program Name

TCP 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 20719/master

TCP 0 0 127.0.0.1:10024 0.0.0.0:* LISTEN 20540/amavisd (mast

TCP 0 0 127.0.0.1:10025 0.0.0.0:* LISTEN 20719/master

TCP 0 0 127.0.0.1:3310 0.0.0.0:* LISTEN 6243/clamd

TCP 0 0 127.0.0.1:783 0.0.0.0:* LISTEN 19863/spamd.pid

# Chkconfig CLAMD on

# Chkconfig SpamAssassin on

# Chkconfig AMAVISD on

# chkconfig Postfix on

# Chkconfig Fail2ban on

4. Mail Gateway Settings

# VIM/ETC/POSTFIX/MAIN.CF

Relay_domains = test.com

# Vim/etc/postfix/transport

test.com relay:[192.168.0.1]

# Postmap/etc/postfix/transport

# service Postfix Reload

5.exchange does not need to make any modifications, including DNS MX records, because it is only over-the-grid request.

5. Firewall publishing, omitting

Summary: This article borrowed a lot of things on the internet to be completed, thank you very much. Test results are good, for everyone's reference.

Postfix Mail Gateway Agent Outlook