9.3.1.1. Procedure – Configuring Postfix with ZMC

  1. Add the Mail transport component to the Zorp host in ZMC. Select a template suitable for your needs, for example, the Mail transport default template.

    Adding the Mail transport component

    Figure 9.9. Adding the Mail transport component

  2. Open the configuration tabs.

    Configuration tabs in the Mail transport plugin

    Figure 9.10. Configuration tabs in the Mail transport plugin

  3. Specify parameters in the General tab.

    1. Provide My domain.

      It specifies the DNS domain of Zorp which, in turn, defines what domain it receives mail for. Receiving mail for other domains is also possible. For details, see Appendix C, Further readings for a reference on mail administration.

    2. Enter My Hostname.

      It is the name of Zorp, exactly as it is registered in DNS. The MX record in DNS must point to this name, so it is important to specify it correctly.

    3. Provide My networks.

      It specifies what IP networks Postfix accepts outgoing mail from, in other words, for which networks it acts as a mail relay.

      Note

      Unless explicitly required by your networking requirements, do not to list all your internal networks. It can result in all your hosts being able to send mails individually and directly, which might not be optimal from security point of view. For example, viruses usually contain an SMTP component for sending mail that should not be let through the firewall.

      If you only have a single mail server for handling external SMTP messages, list the mail server's single IP address. Correspondingly, list only those network interfaces of Zorp as Listen interfaces, on which you want to handle incoming mail traffic.

    The rest of the parameters on the General tab are more special settings and their use depends on the configuration needs.

    Essential components of Postfix configuration

    Figure 9.11. Essential components of Postfix configuration

  4. Configure settings on the Master tab.

    The Master tab

    Figure 9.12. The Master tab

    Configure the settings if you have a Mail Scanner or Amavisd-new–based antivirus solution.

    The Master tab of the Mail transport component corresponds to the /etc/postfix/master.cf file.

  5. Configure settings on the Maps tab to add transport and virtual maps to Postfix.

    The Maps tab

    Figure 9.13. The Maps tab

    In order to route incoming mail from Zorp to different, internal mail domains, an SMTP transport map can be provided, with the IP address of the real, internal mail servers serving the given mail domains.

  6. Configure the Checks tab.

    The Checks tab

    Figure 9.14. The Checks tab

    This tab covers two Postfix configuration files, /etc/postfix/header_checks and /etc/postfix/body_checks. The method of the address checking can be either hash or regular expression (regexp). This can be selected from the Lookup table type combobox.

  7. Configure the Access tab.

    The Access tab

    Figure 9.15. The Access tab

    In parallel with Checks, this tab covers /etc/postfix/recipient_access and /etc/postfix/sender_access.

  8. To permit access to the Postfix service, enable the smtp local service. See Section 9.4, Local services on Zorp for details.

    Note

    Choose the zones that are allowed to access the Postfix service carefully.

Previous Up Next
 Home