close
Mailspect Documentation
Postfix with Policy Server

Mailspect with Policy Server requires Postfix 2.3 or higher.

NOTE: /usr/local/MPP/scripts/configure.pl will perform these changes to main.cf/master.cf.

  • In /etc/postfix/main.cf add the following
# -- Added for MPP --
content_filter = mppscan:[127.0.0.1]:10025
# -- end --
  • In /etc/postfix/master.cf add the following
# -- Added for MPP --
localhost:10026 inet    n       -       n       -       10      smtpd
       -o content_filter=
       -o local_recipient_maps=
       -o relay_recipient_maps=
       -o myhostname=localhost.domain.tld
       -o smtpd_helo_restrictions=
       -o smtpd_client_restrictions=
       -o smtpd_sender_restrictions=
       -o smtpd_recipient_restrictions=permit_mynetworks,reject
       -o mynetworks=127.0.0.0/8
       -o smtpd_data_restrictions=
       -o smtpd_end_of_data_restrictions=
       -o smtpd_authorized_xforward_hosts=127.0.0.0/8

mppscan    unix    -       -       n       -       10      lmtp
       -o lmtp_send_xforward_command=yes
       -o lmtp_cache_connection=no
       -o disable_mime_output_conversion=yes
# -- end --
  • In /usr/local/MPP/mppd.conf.xml configure MTA, protocol and enable policy server
<email_server>postfix</email_server>
<email_server_in_protocol>lmtp</email_server_in_protocol>
<policy_enabled>yes</policy_enabled>
  • In /etc/postfix/main.cf

smtpd_recipient_restrictions MUST contain "check_policy_service inet:127.0.0.1:9998" as last restrictions before permit

smtpd_recipient_restrictions =
    permit_mynetworks,
    reject_unauth_destination,
    check_policy_service inet:127.0.0.1:9998,
    permit

smtpd_data_restrictions MUST contain "check_policy_service inet:127.0.0.1:9998"

smtpd_data_restrictions = check_policy_service inet:127.0.0.1:9998
  • In /etc/postfix/master.cf

Add "-o content_filter=" on line after "smtp" service

# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       -       -       -       smtpd
   -o content_filter=
  • Restart Postfix and Mailspect mppd
sudo postfix reload
sudo /usr/local/MPP/mppd -r