qmail as a filter 1

[ManagerJay]

OK, I know what I want to do, but I'm not sure how to do it, and I'm hoping someone can help me.

Basically, the organization I work for is using an Exchange Server to handle all incoming and outgoing e-mail. Essentially, I have no rights to the Exchange Server since it is maintained by our parent organization.

I have received several requests for some sort of SPAM filtering to be implemented.

What I would like to do is have the qmail server before the Exchange server to perform SPAM checking.

I have qmail setup and running, and I have the firewall set to forward incoming traffic on port 25 to the qmail server. But, I cannot get the qmail server to forward e-mail to the Exchange server once it has been received.

I have added mnea.org to control/me and rcpthosts.

I'm sure this is a setting I have set wrong, or have missed somewhere.

Thanks in advance for your assistance.



Jay

 

[thedaver]

Jay,
Assuming the domain name "mnea.org" and the Exchange server on internal IP 192.168.100.100

in /var/qmail/control

'me' should be your qmail gateway's hostname
'locals' should empty ( 'touch locals' )
'defaultdomain' should contain your domain
'rctphosts' should contain your domain
'smtproutes' should contain "yourdomain:yourExchangeIP"
(example "mnea.org:192.168.100.100" )

CHANGE or enforce your domain's MX record to point to the qmail IP (which you appear to have done through your firewall setup).

Since this is a gateway that will have to endure doublebounces from spammers, you are also suggested to do the following:

'doublebouncehost' contains the domain name
'doublebounceto' contains 'doublebounce'

and file
/var/qmail/alias/.qmail-doublebounce
should contain a single character, "#" to send the doublebounce to the bit bucket.

This will enable the qmail gateway to receive, scan, and deliver incoming email to your exchange server.

If you want your internal Exchange server to send outgoing email through your qmail gateway, modify the gateway's
/etc/tcp.smtp
to contain an entry like
192.168.100.100:allow,RELAYCLIENT="",RBLSMTPD=""

This allows the server to uncondtionally relay email through your gateway. This adds some risk since 1) your Exchange server could get hacked/virus infected and could start spewing email through your gateway, 2) an internal user could hijaak the Exchange IP and do the same thing.

After modifying your /etc/tcp.smtp you must run
'qmailctl cdb'

Good luck.
Dave.

ps. Our firm could offer this service to your organization(s) for a fee as well.

Surfinbox.com Business Internet Services - National Dialup, DSL, T-1 and more.

http://www.surfinbox.com/business/

 

[ManagerJay]

OK, the thing I forgot was the smtproutes statement. After adding this, I am still not seeing anything forwarded to the Exchange box.

To test this, I have sent an e-mail from an external e-mail account to my mnea.org account. I do not see the e-mail ever hit the qmail queue, and once I change the firewall and deliver e-mail to the Exchange server again, the e-mail is delivered.

I have also checked the log files, and I am not seeing any errors displayed.

What else should I be looking at?

Thanks for all your help.



Jay

 

[thedaver]

I don't know what patches you applied to your qmail install. Remember that qmail-smtpd-chkuser will fail all users but your local accounts on the gateway. That's one explanation.

Another explanation is that the remote email did not attempt to deliver at all - time lag. A conincidence that doesn't seem likely, but is POSSIBLE.

Another explanation is that you mis-wired your firewall to talk to the qmail box. You seem clueful, but it's worth mentioning.

Another explanation is that you have (accidentally) left inetd, xinetd, sendmail, exim, or some other application listening on port 25. This would conflict with qmail and probably preclude any meaningful success. Check your 'ps ax' and 'lsof -Pni' for more info.

I think what you need to do is send 4-5 external messages to valid and invalid accounts at your domain with the gateway as the firewall's MTA. Then, to 'tail -f' on
/var/log/messages
/var/log/maillog
/var/log/qmail/smtpd/current

You'll diagnose your problem in one of two ways. Either 1) you will see no activity and can conclude the firewall is broken or the local box has conflicting port usage, or 2) you will see activity in the logs and we can further diagnose the matter.

Since the initial test message wasn't kicked back by the gateway, my bet is on scenario #1.

Lemme know.
D.





Surfinbox.com Business Internet Services - National Dialup, DSL, T-1 and more.

http://www.surfinbox.com/business/

 

[ManagerJay]

Thank you very much for all your help.

According to the firewall documentation, it does not have to be rebooted when changes are made to the port forwarding. But, after speaking with tech support, yes it does.

Thank again for all your help and please accept my apologies for the delay in getting back to you.

Everything is working just like it should.



Jay

 

[thedaver]

Glad it worked. Don't forget to give stars for good effort... Mark this post as helpful/expert post below.

Surfinbox.com Business Internet Services - National Dialup, DSL, T-1 and more.

http://www.surfinbox.com/business/