multiple content filters -

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

multiple content filters -

Konrad Wawryn
Hi,

I need to setup two content filters in my Postfix server:


- (scanner1) first one is already running on the server and listening on
port 10025
- (scanner2) second one running on some external scanner:10023

I would like to setup mail flow this way:

E-Mail ---> Server:25 ---> Scanner1:10023 ---> Server:10024 --->
Server:10025 ---> Server:10026 ---> E-Mail Gateway ---> INTERNET


Could You please tell me how to preperly setup in master.cf ? Bottom You
will find my current master.cf.




# ########################### master.cf

#
==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
#
==========================================================================
pickup    fifo  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       n       -       -       smtp
relay     unix  -       -       n       -       -       smtp
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
virtual  unix   -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp

pickup  fifo    n       -       n       60      1       pickup
         -o cleanup_service_name=pre-cleanup
pre-cleanup     unix    n       -       n       -       0       cleanup
         -o canonical_maps=
         -o sender_canonical_maps=
         -o recipient_canonical_maps=
         -o masquerade_domains=
         -o virtual_alias_maps=
cleanup unix    n       -       n       -       0       cleanup
         -o header_checks=
         -o mime_header_checks=
         -o nested_header_checks=
         -o body_checks=


# Interface to first scanner INIT
scanner1    init    n   -   n   -   10    smtp
     -o smtp_connection_cache_on_demand=no
#    -o smtp_send_xforward_command=yes



# main external smtp entry for SecureMail (first interface)
:smtp   inet    n       -       n       -       10       smtpd
         -o message_size_limit=32768000
         -o cleanup_service_name=pre-cleanup
         -o content_filter=scanner:[10.20.20.10]:10023
         -o receive_override_options=no_address_mappings

# reverse smtp entry for processed mails by Scanner1
0.0.0.0:10024 inet    n       -       n       -       -       smtpd
     -o content_filter=scanner2:[127.0.0.1]:10025
     -o local_recipient_maps=
     -o relay_recipient_maps=
     -o smtpd_restriction_classes=
     -o smtpd_client_restrictions=
     -o smtpd_sender_restrictions=
     -o smtpd_helo_restrictions=
     -o smtpd_recipient_restrictions=permit_mynetworks,reject
     -o
receive_override_options=no_unknown_recipient_checks,no_header_body_checks
     -o mynetworks=10.204.20.41
     -o in_flow_delay=0
     -o smtpd_tls_security_level=none

# Interface to Scanner2
scanner2    unix    -   -   n   -   10    smtp
      -o smtp_connection_cache_on_demand=no
#     #   -o smtp_send_xforward_command=yes


# reverse smtp entry for processed mails by Scanner2
127.0.0.1:10026 inet    n       -       n       -       -       smtpd
     -o content_filter=
     -o local_recipient_maps=
     -o relay_recipient_maps=
     -o smtpd_restriction_classes=
     -o smtpd_client_restrictions=
     -o smtpd_sender_restrictions=
     -o smtpd_helo_restrictions=
     -o smtpd_recipient_restrictions=permit_mynetworks,reject
     -o
receive_override_options=no_unknown_recipient_checks,no_header_body_checks
     -o mynetworks=127.0.0.0/8
     -o in_flow_delay=0

# postfix generated settings following
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
anvil     unix  -       -       n       -       1       anvil
scache    unix  -       -       n       -       1       scache
discard   unix  -       -       n       -       -       discard
tlsmgr    unix  -       -       n       1000?   1       tlsmgr
retry     unix  -       -       n       -       -       error
proxywrite unix -       -       n       -       1       proxymap
#smtp      inet  n       -       n       -       1       postscreen
#smtpd     pass  -       -       n       -       -       smtpd
#dnsblog   unix  -       -       n       -       0       dnsblog
#tlsproxy  unix  -       -       n       -       0       tlsproxy



# ###########################



Thanks in advance for any support.


Cheers
Konrad



--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.