Why Gemfury?
Push, build, and install
RubyGems
npm packages
Python packages
Maven artifacts
PHP packages
Go Modules
Debian packages
RPM packages
NuGet packages
Repository URL to install this package:
|
Version:
1.1.268025-1 ▾
|
Using COMODO Mail Gateway with Postfix
-------------------------------
Prerequisites
--------------
* installed Postfix
* installed COMODO Antivirus for Linux
Using COMODO Mail Gateway (CMG) as after-queue content filter
--------------------------------------------------------------
CMG daemon can be integrated as a Postfix after-queue
content filter (http://www.postfix.org/FILTER_README.html).
The daemon listens on port 10068. It gets emails from Postfix
command smtp, and after scanning relays filtered mail back
to Postfix via Postfix smtpd service listening on port 10025.
|-------------| emails |------------|
| Postfix | -------------------> |10068 CMG |
| | | |
| | scanned emails | |
| 10025| <------------------- | |
|-------------| |------------|
1) Edit /etc/postfix/master.cf file
To define service for sending unfiltered mail to the content filter,
add lines:
# ===================================================================
# service type private unpriv chroot wakeup maxproc command
# (yes) (yes) (yes) (never) (100)
# ===================================================================
cmdfilter unix - - - - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o max_use=20
To define service for passing filtered mail back to Postfix, add
lines:
# ===================================================================
# service type private unpriv chroot wakeup maxproc command
# (yes) (yes) (yes) (never) (100)
# ===================================================================
localhost:10025 inet n - n - 10 smtpd
-o content_filter=
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks,no_milters
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
NOTE: 10025 is a port number, that is defined
in /opt/COMODO/etc/COMODO.xml as <inboundBackPort>.
2) Edit /etc/postfix/main.cf file
To ensure that all mail is filtered (using service cmdfilter defined
in master.cf), add lines:
content_filter = cmdfilter:localhost:10068
receive_override_options = no_address_mappings
NOTE: 10068 is a port number, that is defined
in /opt/COMODO/etc/COMODO.xml as <inboundListeningPort>.
3) Configuring cmgdaemon
Open "COMODO Antivirus" for Linux.
Select "Mail Gateway" tab.
Open "Smtp Configuration".
Set "Filtering Type": 'Inner SMTP Filter'
Set "Listening Port": 10068
Set "Accept TLS": 'no'
Set "Delivery Host": localhost
Set "Delivery Port": 10025
Set "Force TLS": 'no'
It is possible to set parameters directly in /opt/COMODO/etc/COMODO.xml:
<filteringType>inbound</filteringType>
<inboundListeningPort>10068</inboundListeningPort>
<acceptInboundOuterTLS>no</acceptInboundOuterTLS>
<inboundBackAddress>localhost</inboundBackAddress>
<inboundBackPort>10025</inboundBackPort>
<enforceInboundInnerTLS>no</enforceInboundInnerTLS>
NOTE: You need assign administrator email out of filtered MTA.
Post-configuration steps
------------------------
1) Restart CMG daemon:
service cmdmgd restart
2) Restart Postfix:
service postfix restart