Bookmark and Share

Configuring Postfix + Spamasassin + Amavis as front-end Mail Transport Agent (MTA) to MS Exchange 2010

Posted: Monday, April 15th, 2013 at 12:15 amUpdated: Monday, April 15th, 2013 at 12:27 am

Configuring Exchange 2010 to understand emails marked as spam from SpamAsassin

Exchange 2010 has some sort of mail filtering capability. In particular, it has spam confidence level; a number between -1 and 10. We’ll utilize that so that so that down stream, Exchange will work as intended (i.e. delivering junk mails to “Junk E-Mail” folder).

On your Exchange Management Console, browse to Microsoft Exchange On-Premises. Then expand Organization Configuration. Then select Hub transport. Navigate to Transport Rules tab. You should see an empty list like in the screenshot below.
Exchange Hub Transport: Transport Rules

  • Click on New Transport Rule from the menu on the right pane.
  • Give it a descriptive name like Mark as spam. Then click Next
  • On Conditions step, check “when the message header contains specific words
  • Click on message header and put in “X-Spam-Flag”
  • Click on specific words and put in “YES”. Then click Next.
  • On Actions step, select “set the spam confidence level to value
  • Click on “0” and change it to 6. MS Exchange 2010 has 6 as the highest confidence level that they’ll deliver. Otherwise, they’ll start quarantine
  • Ater clicking Next, you’ll get the Exception step. There’s nothing to do on this step. Simply click Next
  • On the last screen, simply click New button.

In the end, your rule should look like this: Exchange transport rule

That’s it. You can try sending spam test email again. This time, you should have the email delivered to your “Junk E-Mail” folder instead of your inbox in your Outlook. As always, I welcome comments and critique to make this article better.

Pages: 1 2 3 4 5 6 7

6 Responses to “Configuring Postfix + Spamasassin + Amavis as front-end Mail Transport Agent (MTA) to MS Exchange 2010”

  1. Alex Says:

    Thank you for you configuration!
    I am trying to set up postfix and testing SMTP with the telnet.
    From mydomain to my domain I can send letters (postfix forwards them to exchange)
    And from mydomain to non-mydomain ( I can\’t send – I receive \"relay access denied\" in postfix logs.
    What do I do wrong?

  2. Maresa Says:

    @Alex: You’ll need to configure Postfix to open relay access. My recommendation is not open it globally. Open it only for authenticated users or from the IP address of your network. I don’t have article on how to do it yet. You can Google in the meanwhile.

    As for my setup, the outgoing mail is actually being sent directly from Exchange server. Hence, Postfix is not involved in sending email. Its sole purpose, in my setup, is to receive email, run antivirus / antispam on it, mark emails for spam as necessary, then forward email to Exchange.

  3. Michael Says:

    Thanks for your configuration!
    I try this and it works good with telnet (local on the Linux-Server).
    But if i send an email extern like (Yahoo) to my domain to relay it to exchange, i get an Relay Access Denied Error. On my Yahoo-Client

    What is wrong?

  4. eltes Says:

    @Michael: You need to add your domain to your postfix-configuration.

    Add this to your

    virtual_mailbox_domains = /etc/postfix/virtual_domains

    then create

    /etc/postfix/virtual_domains and add your domain(s):

    After this reload/restart postfix.

  5. Martial Says:


    On debian jessie, I have to edit /etc/clamav/clamd.conf
    and change
    AllowSupplementaryGroups false
    AllowSupplementaryGroups true


  6. Max Says:


    i’m trying to get everything to work but if i do “tail /var/log/mail.err” i get such an error “postfix/smtpd[4529] : fatal: open dictionary: expecting “type:name” form instead of “content_filter”

    The number is counting up. Any ideas ?

Leave a Reply

Time limit is exhausted. Please reload the CAPTCHA.