Hi Guys I have ISPconfig3.1.11 running well on Ubuntu 16.04 on a hyper-V VM , all works well . I have a Proxmox mail gateway that filters all incoming mail and then passes it on to my ISPconfig3 server and both do a phenomenal job . Proxmox can also filter outgoing email , where in the ISPconfig can I configure outgoing traffic to go to the Proxmox mail gateway so that I can scan outgoing mail ? At the moment is passes directly to the network Router .. Thanks
I never played with proxmoxs mail gw but in general, I can imagine several ways to get my mail to it. But first: Why? Do you want to enable dkim signing with it or does it happen before? If so and proxmox gw modifys your mail it needs to be signed again. Usually you shouldn't have to filter outgoing mails - do you host spammers or is there potential someone could abuse your mailserver? If you had a spammer sending 100k+ mails your queues might get flooded anyway ... didn't think about the needed resources at all. Maybe just use rate limiting. Anyways, you could use relay or lmtp transfer. Soo does the gateway accept any mails scheduled for outgoing without user authentification ( make sure no one abuses it )? You could use the relayhost = externalmailserver config. Do you need the mail back from the gateway? Like amavisd would work? ( postfix => mail gw => postfix => receiver )
Hi Glad you asked . We use Proxmox to filter incoming mail through smtp , it then forward the mail to our ispconfig server and it works well , we use ISPconfig's dkim setup and it works . The Proxmox mail gateway does not interfere with it . We have had issues in the past with clients using webmail on their own home machines and typing a password in and getting it hacked by keylogging spyware . This means their account got hacked and was used to span thousands of outgoing emails . The ability to scan outgoing mail helps circumvent this . The amount of work involved reversing the damage to domains is hideous ( and embarrassing ) , if we can divert the mail from ispconfig through the Proxmox mail gateway to have it scanned then this would be extra security and more peace of mind . How do I use the rate limiting ? Thanks
You could use http://postfwd.org/ for example - it's not part of the perfect setup sadly. But ... internet knows stuff yeah or can build your own version of http://www.simonecaruso.com/limit-sender-rate-in-postfix/ Also implement some kind of http://www.postfix.org/TUNING_README.html#conn_limit to restrict malware to start 50 connections for one account. if you see a spike ( watch postfix stats ) disable account / change password / whatever your docs say and you will save resources on your filtering/scan software. @Jesse Norell might answer the question about implementing the gateway between your users and the cloud user
