External antispam/antivirus

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
Post Reply
carnao
Posts: 1
Joined: Thu Feb 28, 2019 2:08 pm

External antispam/antivirus

Post by carnao »

Hello,
we have a setup with a multi server zimbra 8.8.11 with:
- one mta/proxy server
- one mailbox server
- external antispam/antivirus server

This is working as expected but messages for domainds hosted on our server are delivered locally bypassing the external antispam/antivirus
Is there a "standard" way of doing this? We found some similar question in the forums but they are old or for different configurations..

We may have found a solution modifying postfix configuration files, can someone confirm that this could be a good solution or point out any problem?
The only file we have modified is the /opt/zimbra/common/conf/tag_as_originating.re.in changing it from this:

/^/ FILTER smtp-amavis:[%%zimbraLocalBindAddress%%]:10026

to this

/^/ FILTER smtp:[ourexternalantispam.com]:25

In the postfix main.cf this is used this way:
smtpd_sender_restrictions = check_sender_access regexp:/opt/zimbra/common/conf/tag_as_originating.re, permit_mynetworks, permit_sasl_authenticated, permit_tls_clientcerts, check_sender_access regexp:/opt/zimbra/common/conf/tag_as_foreign.re

Our understanding is that
- for messages coming from "outside" both of the check_sender_access generate a FILTER action and only the second is executed wich is from tag_as_foreign.re and is FILTER smtp-amavis:[127.0.0.1]:10024; reinjecting the message in the local queue and finally delivering it to the mailbox
- messages originating from zimbra (webmail or client) one of the permit_* rules stops the evaluation of the others , and only the first FILTER event gets fired which is from tag_as_originating.re and is FILTER smtp:[ourexternalantispam.com]:25 delivering the message to the external antispam

Thanks,
Luca
Post Reply