Adding route to Gateway server

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
5 messages Options
UyC
Reply | Threaded
Open this post in threaded view
|

Adding route to Gateway server

UyC

Hi,

 

I currently have 2 postfix servers as our gateway servers hosting our domain.  It is currently configure to receive internet email bound for our domain and then send it to our ProofPoint servers for hygiene scrubbing.  This is all working great right now, but our Cyber team wanted us to implement a journaling mailbox/server and bcc all inbound and outbound to/from the internet emails to this [hidden email].

 

How can I create that route so that when I use the always_bcc = [hidden email] that it will not go through my normal route to our ProofPoint servers.

 

Thank you for your help.

 

Reply | Threaded
Open this post in threaded view
|

Re: Adding route to Gateway server

Gerald Galster
I currently have 2 postfix servers as our gateway servers hosting our domain.  It is currently configure to receive internet email bound for our domain and then send it to our ProofPoint servers for hygiene scrubbing.  This is all working great right now, but our Cyber team wanted us to implement a journaling mailbox/server and bcc all inbound and outbound to/from the internet emails to this[hidden email].
 
How can I create that route so that when I use the always_bcc = [hidden email] that it will not go through my normal route to our ProofPoint servers.

It depends on how those mails are sent to your proofpoint servers.

Perhaps a transport map could help:


/etc/postfix/transport:

where mx.server.com is the MX of server.com (without the [] brackets postfix would request a dns mx lookup for mx.server.com)

postmap /etc/postfix/transport


Best regards
Gerald
Reply | Threaded
Open this post in threaded view
|

Re: Adding route to Gateway server

Matus UHLAR - fantomas
In reply to this post by UyC
On 02.12.20 18:04, Chu, Uy wrote:
> I currently have 2 postfix servers as our gateway servers hosting our
> domain.  It is currently configure to receive internet email bound for our
> domain and then send it to our ProofPoint servers for hygiene scrubbing.
> This is all working great right now, but our Cyber team wanted us to
> implement a journaling mailbox/server and bcc all inbound and outbound
> to/from the internet emails to this
> [hidden email]<mailto:[hidden email]>.

they need to forward syslog as well, since the original recipient
information is lost this way.

--
Matus UHLAR - fantomas, [hidden email] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Due to unexpected conditions Windows 2000 will be released
in first quarter of year 1901
Reply | Threaded
Open this post in threaded view
|

Re: Adding route to Gateway server

Christian Ejlertsen
In reply to this post by UyC
You can just add it to the transport file
Ex add this to the transport file:
[hidden email] smtp:1.2.3.4

postmap the file.
test by postmap -q  "[hidden email][hidden email]"  /path/to/transport

Taken from 

look under table search order

-- 
Med venlig hilsen / Best Regards

Christian Ejlertsen
Lytzen IT A/S
Tlf: +45 88328788
Dir: +45 88328707

On Wed, 2020-12-02 at 18:04 +0000, Chu, Uy wrote:

Hi,

 

I currently have 2 postfix servers as our gateway servers hosting our domain.  It is currently configure to receive internet email bound for our domain and then send it to our ProofPoint servers for hygiene scrubbing.  This is all working great right now, but our Cyber team wanted us to implement a journaling mailbox/server and bcc all inbound and outbound to/from the internet emails to this [hidden email].

 

How can I create that route so that when I use the always_bcc = [hidden email] that it will not go through my normal route to our ProofPoint servers.

 

Thank you for your help.

 

Reply | Threaded
Open this post in threaded view
|

Re: Adding route to Gateway server

Gerald Galster

You can just add it to the transport file
Ex add this to the transport file:
[hidden email] smtp:1.2.3.4

for ip addresses [] are required:

[hidden email] smtp:[1.2.3.4]


The syntax of a nexthop destination is transport dependent. With SMTP,
specify a service on a non-default port as host:service, and disable MX
(mail exchanger) DNS lookups with [host] or [host]:port. The [] form is
required when you specify an IP address instead of a hostname.

Best regards
Gerald