Ubuntu: The perfect mail gateway server

I’m setting up a new firewall, email gateway server using Ubuntu 8.04LTS. As in a previous post, I’m following (not always by the book) the Howtoforge to setting up a email/spam gateway Ubuntu mail gateway.

Three things didn’t go quite as expected, and so here they are engraved for ever in the internet stone:

1st) General: In the Webmin Others->Server and System Status, the Apache server monitoring reports apache as always down. The solution is to go to Servers->Apache Webserver and select on the top the link Module Config. At the bottom the option Path to Apache PID file is set to Automatic. Change it to point to /var/run/apache2.pid and save. The webmin monitor now for apache should show the apache status as OK.

2nd) Mail: I really like Mailscanner and it’s partner Mailwatch. One of the issues that I was having was that the messages that where in quarantine, Mailwatch didn’t show any option to delete or release the messages for them. The issue was lack of folder permissions. Mailwatch couldn’t access the quarantine directory. So executing the command chown -R postfix:www-data /var/spool/MailScanner and chown -R postfix:www-data /var/lib/MailScanner/ did the trick, and I can now delete and release quarantine messages.

3rd) Mail relay: After setting up postfix, all incoming messages where refused on the external interface because postfix denied relaying. Please note that I’m using this server to receive mail from the internet, to see if a mail is safe, no virus, no spam, no phishing, and so on, and then forward it to our internal mail servers. So I have a relay_domains file that describes our domains, and a transport file that specifies where are the “real” mail servers, but even with this, postfix was always refusing the mails.

The solution for this issue is on the empty mydestinations option. Setting up this option with mydestination = hash:/etc/postfix/relay_domains and stoping and restarting postfix, did the trick.

Regarding the howtoforge manual, I skiped some of the things, like fuzzyocr, and removed Bind9 from the server.

As I progress in setting up and configuring the the server, if anything worth mention, I’ll post it here.

Linux mail gateway

I’ve run where I work for 4 years a Mandrake based firewall with Postfix and Mailscanner. I really, really liked mailscanner, but for my colleagues the setup was “too complicated”. So I moved to EFW, Endian Firewall comunity edition. What it brings in ease of use it lacks in flexibility.

Finally my prayers where listen, and I’m going to move again to a custom build full fledged mail gateway with Mailscanner. Check out: this howto.