Multiple milters - how to properly configure it ?

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Multiple milters - how to properly configure it ?

Konrad Wawryn
Hi,

I would like to setup additional Milter in my Linux Appliance.
The problem is, that I have already one (defined in master.cf) which is
used by E-mail encryption system located on the same host.

Second milter I would like to setup for Data Loss Prevention System,
where E-Mail will be forwarded to external DLP System, where will be
checked and send back to Linux Appliance.


Bottom You will find my master.cf.
As You can see some BeforeQueue configuration using already port 10025
and AfterQueue using 10026.

I would like to forward messages to DLP System before encryption.
Example:

SMTP --- DLP Milter 10023 (before) ---> DLP System ---> SMTP 10024
(after) ---> SMTP 10025 (before) ---> encryption system ---> SMTP 10026
(after) ---> Final Delivery to recipient


Where to put new Milter configuration ? If I will put DLP milter
configuration before existing one, will it be enought ?

Does any one could help to setup two milters in single postfix instance
?


Thanks in advance for Your support.


Cheers
Konrad




##########################################

#
==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
#
==========================================================================
pickup  fifo n - n 60 1 pickup
cleanup  unix n - n - 0 cleanup
qmgr  fifo n - n 300 1 qmgr
rewrite  unix - - n - - trivial-rewrite
bounce  unix - - n - 0 bounce
defer  unix - - n - 0 bounce
flush  unix n - n 1000? 0 flush
proxymap  unix - - n - - proxymap
smtp  unix - - n - - smtp
relay  unix - - n - - smtp
showq     unix n - n - - showq
error     unix - - n - - error
virtual  unix - n n - - virtual
lmtp  unix - - n - - lmtp

pickup fifo n - n 60 1 pickup
        -o cleanup_service_name=pre-cleanup
pre-cleanup unix n - n - 0 cleanup
        -o canonical_maps=
        -o sender_canonical_maps=
        -o recipient_canonical_maps=
        -o masquerade_domains=
        -o virtual_alias_maps=
cleanup unix n - n - 0 cleanup
        -o header_checks=
        -o mime_header_checks=
        -o nested_header_checks=
        -o body_checks=

# Interface to SecureMail PlugIn.
smgw    unix    -   -   n   - 10    smtp
     -o smtp_connection_cache_on_demand=no
#   -o smtp_send_xforward_command=yes

# main external smtp entry for SecureMail (first interface)
:smtp inet    n       -       n       -       10       smtpd
        -o message_size_limit=32768000
        -o cleanup_service_name=pre-cleanup
        -o content_filter=smgw:[127.0.0.1]:10025
        -o receive_override_options=no_address_mappings

# reverse smtp entry for processed mails by SecureMail
127.0.0.1:10026 inet n - n - - smtpd
     -o content_filter=
     -o local_recipient_maps=
     -o relay_recipient_maps=
     -o smtpd_restriction_classes=
     -o smtpd_client_restrictions=
     -o smtpd_sender_restrictions=
     -o smtpd_helo_restrictions=
     -o smtpd_recipient_restrictions=permit_mynetworks,reject
     -o
receive_override_options=no_unknown_recipient_checks,no_header_body_checks
     -o mynetworks=127.0.0.0/8
     -o in_flow_delay=0
     -o smtpd_tls_security_level=none


# postfix generated settings following
trace  unix - - n - 0 bounce
verify  unix - - n - 1 verify
anvil  unix - - n - 1 anvil
scache  unix - - n - 1 scache
discard  unix - - n - - discard
tlsmgr    unix  -       -       n       1000?   1       tlsmgr
retry     unix  -       -       n       -       -       error
proxywrite unix -       -       n       -       1       proxymap
#smtp      inet  n       -       n       -       1       postscreen
#smtpd     pass  -       -       n       -       -       smtpd
#dnsblog   unix  -       -       n       -       0       dnsblog
#tlsproxy  unix  -       -       n       -       0       tlsproxy


##########################################


--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.