How to change Postfix configuration for Threat Emulation MTA
| Solution ID | sk109699 |
| Product | Threat Emulation, Threat Extraction, Anti-Spam |
| Version | R77, R77.10, R77.20, R77.30, R80.10 |
Procedure:
- Connect to command line on Security Gateway (over SSH, or console).
- Log in to Expert mode.
- Create the $FWDIR/conf/mta_postfix_options.cf file:
[Expert@HostName]# touch $FWDIR/conf/mta_postfix_options.cf - Edit the $FWDIR/conf/mta_postfix_options.cf file:
[Expert@HostName]# vi $FWDIR/conf/mta_postfix_options.cf - Add the desired parameters. Refer to official Postfix Configuration Parameters page.
- Save the changes in the file and exit from Vi editor.
- In SmartDashboard, install the Threat Prevention policy.
Common configuration:
- Mail box size and Message size:Add the following lines to the ‘
$FWDIR/conf/mta_postfix_options.cf‘ file:mailbox_size_limit = 51200000 message_size_limit = 10240000
These are the default values (in bytes). Set the relevant values according to client needs.
Important Note: Must make sure that ‘
mailbox_size_limit‘ > ‘message_size_limit‘. - Security Gateway’s hostnameThe default Security Gateway’s hostname, as it appears in mail headers and SMTP protocol connections, is the name of the Security Gateway’s object in the Smartdashboard.To change the Security Gateway’s hostname in mail headers and SMTP protocol connections, add the following line to the ‘
$FWDIR/conf/mta_postfix_options.cf‘ file:myhostname=DESIRED_NAME
(7) Troubleshooting
- Postfix log file:/var/log/maillog
- How to monitor and manage Postfix queue:Refer to relevant manual pages listed in the “Related documentation” section.
Action Command Show current queue [Expert@HostName:0]# /opt/postfix/usr/sbin/postqueue -c /opt/postfix/etc/postfix/ -p Show one mail from queue:
(5632E28B0044 is an example
Queue ID from the current queue)[Expert@HostName:0]# /opt/postfix/usr/sbin/postcat -c /opt/postfix/etc/postfix/ -q 5632E28B0044 | less Attempt immediate delivery of queue content [Expert@HostName:0]# /opt/postfix/usr/sbin/postqueue -c /opt/postfix/etc/postfix/ -f Delete one message from queue:
(5632E28B0044 is an example
Queue ID from the current queue)[Expert@HostName:0]# /opt/postfix/usr/sbin/postsuper -c /opt/postfix/etc/postfix/ -d 5632E28B0044 Delete all messages in queue [Expert@HostName:0]# /opt/postfix/usr/sbin/postsuper -c /opt/postfix/etc/postfix/ -d ALL Show postfix configuration [Expert@HostName:0]# /opt/postfix/usr/sbin/postconf -c /opt/postfix/etc/postfix/ Get postfix version [Expert@HostName:0]# /opt/postfix/usr/sbin/postconf -c /opt/postfix/etc/postfix/ | grep mail_version Restart postfix [Expert@HostName:0]# /opt/postfix/usr/sbin/postfix -c /opt/postfix/etc/postfix reload
Non-Delivery Configuration:
- Connect to command line on Security Gateway (over SSH, or console).
- Log in to Expert mode.
- Backup the /opt/postfix/etc/postfix/main.cf file:
[Expert@HostName]# cp /opt/postfix/etc/postfix/main.cf /opt/postfix/etc/postfix/main.cf_ORG - Edit the /opt/postfix/etc/postfix/main.cf file:
[Expert@HostName]# vi /opt/postfix/etc/postfix/main.cf - Add the desired parameters.
notify_classes = bounce, resource, softwareRefer to official Postfix Configuration Parameters page. - Save the changes in the file and exit from Vi editor.
- In SmartDashboard, install the Threat Prevention policy.