[Webinar] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 483
  • Last Modified:

[Postfix] Filter only outbound mail

Hi All,

I search one issue for apply a postfix rule.

I would that postfix send to a server with virus scanner all mails before sending to the internet.

My customer make a AUTH connect to the postfix SMTP (port 25) after check if the customer have the right user and pass, the SMTP server would send the mail to another server (mail-filter).

I've play with the "smtpd_sender_restrictions" variable and the value "check_client_access cidr:/etc/postfix/antivirus_sortant".

Into the file I've put " FILTER smtp:[IP.SERVEUR.FILTRAGE]:10024".

The rule work find, all mails are sending to the Filter server, but the problem ... All incoming mail from the network are filter ...
I would just check the mail sending with SMTP login & pass from my customer.

Not the mail receive for example by another smtp server :)

How I can filter only mail coming from a customer ?

Thank all
  • 2
  • 2
  • 2
1 Solution
Kerem ERSOYPresidentCommented:

In fact the idea here is to setup 2 connections one would send the mail directly to internet and be setup at say 20025 and the filtered one in 25.

Kerem ERSOYPresidentCommented:
Here's how:


Plese check the section:

2. Use two or more IP addresses to only filter incoming messages (bypass filtering for internal clients)

omnipcxAuthor Commented:
Hi KeremE,

Thank for your reply.
My problem, I need to use the same ip, because, I move to a new system and it's hard to inform our customer that they need update the profil (ex outlook) with the new server.

I need realy find a issue for explain to postfix if they have a sasl login, they must give the mail to the mail filter server.

 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

For the IP address you don;t want scanned, in the file /etc/postfix/antivirus_sortant above the entry...
eg  dunno
You could use "permit" instead of "dunno".

Permit will allow the message to be accepted immediately without looking at any more rules.
Dunno simply stops any further processing/lookup on this rule. ie this rule returns nothing eg don't know. (not permit, not reject)
omnipcxAuthor Commented:
Partially solution

Featured Post

Microsoft Certification Exam 74-409

VeeamĀ® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

  • 2
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now