configure mx-gateway on postfix

There are basically two main security profit to using an postfix mx-gateway. One of, it’s much easier to keep secure a single SMTP gateway from external threats than it’s keep secure multiple internal e-mail servers. Second one is, separating Internet mail from internal mail permits one to move Internet mail transactions off the internal network entirely.
This article will describe how to configure mx-gateway in Postfix, which will first scan (Spam, Contents, Virus/Trojans) all incoming mails and then deliver to destination server.
The motivation for this is to improve security, since the email gateway hypothetically only exposes its SMTP port, and will not store any emails,
So first of all install MTA to accomplish the task. In this article we are using postfix MTA.

#yum install postfix

Now we need to do some configuration in postfix MTA open the postfix configuration file main.cf and append or uncomment the following lines

#vi /etc/postfix/main.cf

myhostname = forwarder.domain.com
mydomain = localhost
myorigin = $mydomain
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, $mydomain
relay_domains = linuxpcfix.com yourdomain.com
local_transport = error:local mail delivery is disabled
mynetworks = 127.0.0.0/8,
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination
transport_maps = hash:/etc/postfix/transport

Now create the mail route map. Edit /etc/postfix/transport using vi editor and include following line:

#vi /etc/postfix/transport

linuxpcfix.com smtp:backend.domain.com
yourdomain.com smtp:backend.domain.com

Top update the postfix database please perform the following command.

#postmap /etc/postfix/transport

Note:: you can also use relay_recipient_maps directive to point a file that lists all of the email addresses for which the email gateway will accept mail.

#vi /etc/postfix/main.cf

relay_recipient_maps = hash:/etc/postfix/relay_recipients

#vi /etc/postfix/relay_recipients

user1@linuxpcfix.com OK
user2@linuxpcfix.com OK
user1@yourdomain.com OK
user2@yourdomain.com OK

#postmap hash:/etc/postfix/relay_recipients

Finally restart the postfix

#service postfix restart

That’s it, now it’s time to confirm that mxgateway working or not.

#tail -f /var/log/maillog

Aug 13 00:27:21 mxgateway postfix/smtpd[389]: 358891A48A7: client=unknown[193.168.1.1]
Aug 13 00:27:21 mxgateway postfix/cleanup[393]: 358891A48A7: message-id=<53EB1313.7070909@gmail.com>
Aug 13 00:27:21 mxgateway postfix/qmgr[363]: 358891A48A7: from=, size=1536, nrcpt=1 (queue active)
Aug 13 00:27:21 mxgateway postfix/smtpd[389]: disconnect from unknown[193.168.1.1]
Aug 13 00:27:42 mxgateway postfix/smtp[394]: 358891A48A7: to=, relay=backend_server_ip[backend_server_ip]:25, delay=22, delays=0.22/0.05/8.4/13, dsn=2.0.0, status=sent (250 OK id=1XHSxw-0004A9-O8)
Aug 13 00:27:42 mxgateway postfix/qmgr[363]: 358891A48A7: removed

August 13, 2014 Admin Postfix No Comment centos, fedora, linux, mxgateway, Postfix

About Admin

I am founder and webmaster of www.linuxpcfix.com and working as a Sr. Linux Administrator (Expertise on Linux/Unix & Cloud Server) and have been in the industry since more than 14 years.