Bookmark and Share

Configuring Postfix + Spamasassin + Amavis as front-end Mail Transport Agent (MTA) to MS Exchange 2010

Posted: Monday, April 15th, 2013 at 12:15 amUpdated: Monday, April 15th, 2013 at 12:27 am

Test if everything is working as it should

So let’s recap. So far, we have done:

  1. Install, configure and verify Postfix is running and delivering emails fine
  2. Install and configure SpamAsassin
  3. Configure and test Amavis is running fine
  4. Configure Postfix to use Amavis as content filter

Now let’s test sending spam email by hand using telnet. We’ll be using Generic Test for Unsolicited Bulk Email (GTUBE) from SpamAsassin. What’s expected is that we’ll receive email from Exchange through either Outlook or Outlook Web Access. Here’s the transcript of my spam email test.

user@mydomain:~$ telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 postfix.mydomain.com ESMTP Postfix (Ubuntu)
ehlo postfix.mydomain.com
250-postfix.mydomain.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from: somedude@spammer.com
250 2.1.0 Ok
rcpt to: user@mydomain.com
250 2.1.5 Ok
data
354 End data with .
Subject: Test sending spam email.

This email should be marked as spam because it contains this line

XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X

I should expect this to be delivered to Exchange.
.
250 2.0.0 Ok: queued as CDF272A80E20
quit
221 2.0.0 Bye
Connection closed by foreign host.

If you check the logs, you should see log messages resembling the below:

user@mydomain:~$ tail -f /var/log/syslog
Apr 15 00:19:03 postfix.mydomain.com postfix/cleanup[6059]: CDF272A80E20: me
ssage-id=<20130415071754.CDF272A80E20@postfix.mydomain.com>
Apr 15 00:19:03 postfix.mydomain.com postfix/qmgr[5190]: CDF272A80E20: from=
<somedude@spammer.com>, size=552, nrcpt=1 (queue active)
Apr 15 00:19:05 postfix.mydomain.com postfix/smtpd[6053]: disconnect from lo
calhost[127.0.0.1]
Apr 15 00:19:18 postfix.mydomain.com postfix/smtpd[6069]: connect from local
host[127.0.0.1]
Apr 15 00:19:18 postfix.mydomain.com postfix/smtpd[6069]: 404F42A80E2B: clie
nt=localhost[127.0.0.1]
Apr 15 00:19:18 postfix.mydomain.com postfix/cleanup[6059]: 404F42A80E2B: me
ssage-id=<20130415071754.CDF272A80E20@postfix.mydomain.com>
Apr 15 00:19:18 postfix.mydomain.com postfix/qmgr[5190]: 404F42A80E2B: from
=<somedude@spammer.com>, size=1294, nrcpt=1 (queue active)
Apr 15 00:19:18 postfix.mydomain.com postfix/smtpd[6069]: disconnect from lo
calhost[127.0.0.1]
Apr 15 00:19:18 postfix.mydomain.com amavis[5485]: (05485-06) Passed SPAM, L
OCAL [127.0.0.1] [127.0.0.1] <somedude@spammer.com> -> <user@mydomain.com>, 
quarantine: j/spam-jq58tLC6RLYB.gz, Message-ID: <20130415071754.CDF272A80E20
@postfix.mydomain.com>, mail_id: jq58tLC6RLYB, Hits: 1000.207, size: 552, que
ued_as: 404F42A80E2B, 14398 ms
Apr 15 00:19:18 postfix.mydomain.com postfix/smtp[6065]: CDF272A80E20: to=<u
ser@mydomain.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=93, delays=79/0.0
1/0.01/14, dsn=2.0.0, status=sent (250 2.0.0 from MTA([127.0.0.1]:10025): 25
0 2.0.0 Ok: queued as 404F42A80E2B)
Apr 15 00:19:18 postfix.mydomain.com postfix/qmgr[5190]: CDF272A80E20: remov
ed
Apr 15 00:19:18 postfix.mydomain.com postfix/smtp[6070]: 404F42A80E2B: to=<u
ser@mydomain.com>, relay=10.10.10.50[10.10.10.50]:25, delay=0.21, delays=0.0
1/0.01/0.01/0.18, dsn=2.6.0, status=sent (250 2.6.0 <20130415071754.CDF272A
80E20@postfix.mydomain.com> [InternalId=21972] Queued mail for delivery)
Apr 15 00:19:18 postfix.mydomain.com postfix/qmgr[5190]: 404F42A80E2B: remov
ed

Now do check your Outlook and see if you receive a new message with subject starting with “*****SPAM*****” (if you’ve configured the optional step). Next up is configuring MS Exchange 2010 so that it’ll deliver the mail to “Junk E-Mail” folder.

Pages: 1 2 3 4 5 6 7

6 Responses to “Configuring Postfix + Spamasassin + Amavis as front-end Mail Transport Agent (MTA) to MS Exchange 2010”

  1. Alex Says:

    Hi!
    Thank you for you configuration!
    I am trying to set up postfix and testing SMTP with the telnet.
    From mydomain to my domain I can send letters (postfix forwards them to exchange)
    And from mydomain to non-mydomain (gmail.com) I can\’t send – I receive \"relay access denied\" in postfix logs.
    What do I do wrong?

  2. Maresa Says:

    @Alex: You’ll need to configure Postfix to open relay access. My recommendation is not open it globally. Open it only for authenticated users or from the IP address of your network. I don’t have article on how to do it yet. You can Google in the meanwhile.

    As for my setup, the outgoing mail is actually being sent directly from Exchange server. Hence, Postfix is not involved in sending email. Its sole purpose, in my setup, is to receive email, run antivirus / antispam on it, mark emails for spam as necessary, then forward email to Exchange.

  3. Michael Says:

    Hi,
    Thanks for your configuration!
    I try this and it works good with telnet (local on the Linux-Server).
    But if i send an email extern like (Yahoo) to my domain to relay it to exchange, i get an Relay Access Denied Error. On my Yahoo-Client

    What is wrong?

  4. eltes Says:

    @Michael: You need to add your domain to your postfix-configuration.

    Add this to your main.cf:

    virtual_mailbox_domains = /etc/postfix/virtual_domains

    then create

    /etc/postfix/virtual_domains and add your domain(s):

    domain1.de
    domain2.de

    After this reload/restart postfix.

  5. Martial Says:

    Hello,

    On debian jessie, I have to edit /etc/clamav/clamd.conf
    and change
    AllowSupplementaryGroups false
    By
    AllowSupplementaryGroups true

    bye.

  6. Max Says:

    Hi,

    i’m trying to get everything to work but if i do “tail /var/log/mail.err” i get such an error “postfix/smtpd[4529] : fatal: open dictionary: expecting “type:name” form instead of “content_filter”

    The number is counting up. Any ideas ?

Leave a Reply

Time limit is exhausted. Please reload the CAPTCHA.