How to deploy multiple Content filters using postfix

Postfix is a mailbox sending system in linux. We often use it to replace the sendmail command. Let's take a look at how to deploy multiple Content filters in postfix.

The Postfix mail server can use content_filter to scan emails (viruses, advertisements, etc.) when receiving emails ). by integrating a centralized email content filter, such as amavis or mailvert, Postfix can perform multiple scans with a single call. this is good, but some filters are difficult or almost impossible to be integrated into a centralized filter. this is a problem, especially when some centralized content_filter has been installed in your Postfix system. can we solve this problem? Of course. this document provides one of many possible solutions. your steps may vary depending on your configuration.

In this case, we assume that we need a mail system that runs Postfix, Amavis (including various plug-ins), and Avira MailGate. postfix has been configured to use the Amavis system as content_filter.MailGate and cannot be integrated through Amavis. Therefore, it uses a separate content_filter.

Amavis configuration: Amavis listens to port 10026 and forwards data through port 10027.

The Code is as follows:	Copy code
$ Inet_socket_port = 10026; Forward_method => 'smtp: [127.0.0.1]: 8080 ';

MailGate configuration: MailGate listens to port 20024 and then forwards data through port 20025.

The Code is as follows:	Copy code
ListenAddress localhost port 20024 ForwardTo SMTP: localhost port 20025

Postfix requires two filters.
This can be achieved through the string filter: the incoming mail is first submitted to the Postfix Content_filter, (www. bKjia. c0m then Content_filter sends the scanned email to Postfix. the scanned email is sent to the second Content_filter. finally, it is sent to the user. our chain is like this: Postfix> MailGate> Postfix> Amavisd-new>

The Code is as follows:

Copy code

Postfix> User Main. cf: Content_filter = smtp: 127.0.0.1: 20024 Master. cf Localhost: 20025 inet n--smtpd -O content_filter = smtp: 127.0.0.1: 10026 127.0.0.1: 10027 inet n--smtpd -O content_filter =-o smtpd_delay_reject = no-o smtpd_client_restrictions = permit_mynetworks, reject -O smtpd_helo_restrictions =-o smtpd_sender_restrictions = -O smtpd_recipient_restrictions = permit_mynetworks, reject -O smtpd_data_restrictions = reject_unauth_pipelining -O smtpd_end_of_data_restrictions = -O smtpd_restriction_classes = -O mynetworks = 127.0.0.0/8 -O smtpd_error_sleep_time = 0 -O smtpd_soft_error_limit = 1001 -O smtpd_hard_error_limit = 1000 -O smtpd_client_connection_count_limit = 0 -O smtpd_client_connection_rate_limit = 0 -O receive_override_options = no_header_body_checks, no_unknown_recipient_checks, no_milters -O local_header_rewrite_clients =

In this way, the Postfix submits all incoming emails to the MailGate on port 20024, And the MailGate then transmits the scan results back to the Postfix on port 20025. postfix runs an additional SMTP service on port 20025, which also contains a content_filter. Therefore, all emails that reach port 20025 will be sent to port 10026. amavis listens on port 10026, so the email will be scanned by Aamavis. after scanning, Amavis sends the email to port 10027. another SMTP service provided by Postfix is running on port 10027. At this point, the mail reaches the end of the chain and the mail will be delivered to the user. if you need more information about this topic, please mail to robin.diederen@gmail.com.bKjia.c0m

Another configuration sample may be as follows:

The Code is as follows:

Copy code

In main. cf: # Send email to amavisd Content_filter = amavisd: [127.0.0.1]: 10024 In master. cf: # Amavisd Amavisd unix--n-2 lmtp -O lmtp_data_done_timeout = 1200 s -O disable_dns_lookups = yes # Receive email from amavisd # And then send email to altermine 127.0.0.1: 10025 inet n--smtpd -O content_filter = altermine # Receive email from 127.0.0.1: 10025 Altermine unix-n-2 pipe ... # Receive email from altermine 127.0.0.1: 20025 inet n--smtpd -O content_filter = -O...

The entire process is: postfix-> amavisd: [127.0.0.1]: 10024-> postfix-> altermine-> postfix-> user