Bookmark and Share

Configuring Postfix + Spamasassin + Amavis as front-end Mail Transport Agent (MTA) to MS Exchange 2010

Posted: Monday, April 15th, 2013 at 12:15 amUpdated: Monday, April 15th, 2013 at 12:27 am

Configure Amavis

Amavis is the anti virus that we’ll use. It works in conjunction with SpamAsassin. Now that it is installed, we’ll just need to enable it. Edit /etc/amavis/conf.d/15-content_filter_mode. Uncomment the 2 config to enable it. Your file should look like below:

user@mydomain:~$ cat /etc/amavis/conf.d/15-content_filter_mode
use strict;

# You can modify this file to re-enable SPAM checking through spamassassin
# and to re-enable antivirus checking.

#
# Default antivirus checking mode
# Please note, that anti-virus checking is DISABLED by 
# default.
# If You wish to enable it, please uncomment the following lines:


@bypass_virus_checks_maps = (
   \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);


#
# Default SPAM checking mode
# Please note, that anti-spam checking is DISABLED by 
# default.
# If You wish to enable it, please uncomment the following lines:


@bypass_spam_checks_maps = (
   \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);

1;  # ensure a defined return

If your Linux host name is not fully qualified domain name (FQDN), then edit /etc/amavis/conf.d/05-node_id and specify your hostname manually. Let’s have Exchange 2010 handle the final action of spam / virus email. Postfix / Amavis / SpamAsassin job is basically to tag emails whether they are spam or virus. That way, Exchange 2010 still have the final say what to do with them.

user@mydomain:~$ cat /etc/amavis/conf.d/05-node_id
$myhostname = "postfix.mydomain.com";
user@mydomain:~$ cat /etc/amavis/conf.d/50-user
$final_virus_destiny      = D_PASS; # (defaults to D_BOUNCE)
$final_spam_destiny       = D_PASS; # (defaults to D_REJECT)

Then restart Amavis.

user@mydomain:~$ sudo /etc/init.d/amavis restart

Before we hook Amavis to Postfix, let’s make sure Amavis is running and working fine. To do that, simply telnet to port 10024. Below is my telnet session when testing it.

user@mydomain:~$ telnet localhost 10024
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 [127.0.0.1] ESMTP amavisd-new service ready
^]

telnet> quit
Connection closed.

Pages: 1 2 3 4 5 6 7

6 Responses to “Configuring Postfix + Spamasassin + Amavis as front-end Mail Transport Agent (MTA) to MS Exchange 2010”

  1. Alex Says:

    Hi!
    Thank you for you configuration!
    I am trying to set up postfix and testing SMTP with the telnet.
    From mydomain to my domain I can send letters (postfix forwards them to exchange)
    And from mydomain to non-mydomain (gmail.com) I can\’t send – I receive \"relay access denied\" in postfix logs.
    What do I do wrong?

  2. Maresa Says:

    @Alex: You’ll need to configure Postfix to open relay access. My recommendation is not open it globally. Open it only for authenticated users or from the IP address of your network. I don’t have article on how to do it yet. You can Google in the meanwhile.

    As for my setup, the outgoing mail is actually being sent directly from Exchange server. Hence, Postfix is not involved in sending email. Its sole purpose, in my setup, is to receive email, run antivirus / antispam on it, mark emails for spam as necessary, then forward email to Exchange.

  3. Michael Says:

    Hi,
    Thanks for your configuration!
    I try this and it works good with telnet (local on the Linux-Server).
    But if i send an email extern like (Yahoo) to my domain to relay it to exchange, i get an Relay Access Denied Error. On my Yahoo-Client

    What is wrong?

  4. eltes Says:

    @Michael: You need to add your domain to your postfix-configuration.

    Add this to your main.cf:

    virtual_mailbox_domains = /etc/postfix/virtual_domains

    then create

    /etc/postfix/virtual_domains and add your domain(s):

    domain1.de
    domain2.de

    After this reload/restart postfix.

  5. Martial Says:

    Hello,

    On debian jessie, I have to edit /etc/clamav/clamd.conf
    and change
    AllowSupplementaryGroups false
    By
    AllowSupplementaryGroups true

    bye.

  6. Max Says:

    Hi,

    i’m trying to get everything to work but if i do “tail /var/log/mail.err” i get such an error “postfix/smtpd[4529] : fatal: open dictionary: expecting “type:name” form instead of “content_filter”

    The number is counting up. Any ideas ?

Leave a Reply

Time limit is exhausted. Please reload the CAPTCHA.