Re: Suggestions / Gotchas - Linux as mail proxy to MS Exchange

From: Harry Phillips (harry_at_hkjsfh.com)
Date: 08/23/03 

Date: Sun, 24 Aug 2003 00:35:05 +1000

Adam wrote:
> The company I work for is looking into setting up a Linux proxy that
> will sit between the internet (incoming mail to the domain) and our MS
> exchange server. We need the Linux box to do the following:

I have done this setup for a client of mine, though for different
reasons. The stupid Exchange plug-in that is supposed to grab e-mail
from a POP3 mailbox and deliver it locally wouldn't stay running.

>
> 1.) Filter spam with a reasonably good spam filter. By filter I mean
> something to the effect of mail that is almost certainly spam can be
> deleted and mail that has a 50/50 chance of being spam may be marked
> as possible spam but passed on to the exchange server.

Well I suggest (as others have already) spamassassin.

It will give it a score if it likely to be spam. Anything above 15 goes
straight to /dev/null, anything above 5 is considered Spam and placed in
a Spam IMAP folder. You could set it up to send the message to a
particular e-mail account.

>
> 2.) Filter e-mails with attachments. We would like to be able to
> specify that e-mails that have an attachment with an .XXX extension be
> deleted. (My department head is thinking we just want to delete the
> entire message, but realistically removing the attachment may suffice
> once he thinks it through.)

mmm... don't know about specific extensions but if I look in a message
with an attachment I see the text:

Content-Disposition: attachment; filename=

You can always get procmail to look for that text and send it to a
particular Exchange Account.

>
> 3.) Scan e-mails for viruses and clean as necessary.

Don't know about this one. I don't need it, I run a Mandrake desktop.

>
> After mail passes through all 3 of the above stages, it would be
> forwarded over to the exchange server and all would be good. :)

This is easy. In your /etc/hosts file you add the entry: 

----
192.168.1.254	exchange.company	exchange
----
Substitute the right IP for your Exchange of course. Then all you need 
to do is have the right entries in the /etc/procmailrc to forward the 
mail to the Exchange server. As an example:
----
:0c
* ^TO_abyram@ia.ua.edu
! abyram@exchange
:0c
* ^TO_next-user@ia.ua.edu
! next-user@exchange
:0c
* ^TO_last-user@ia.ua.edu
! last-user@exchange
:0
/dev/null
----
In case you don't know. The rules that start with :0c is so that the 
mail doesn't hit the first match and stop. It keeps going to the next rule.
This is important because a single message might be sent to you and 
'next-user', if you don't have the :0c only you will receive the message.
So the order of the rules I would use:
1. Send it to SpamAssassin to check it.
2. If it is above 15 send it to /dev/null
3. Look for attachments and send the message to a separate Exchange 
account (eg. attachments@exchange)
4. Send a copy of the message to anyone it is addressed to.
5. Send the message to /dev/null
Only do the last one if you don't want to keep a copy of the message.
BTW The client I implemented this setup for kept a copy of all incoming 
messages separate on the Linux box. When presented with evidence of 
e-mails received a disgruntled employee dropped their court case.
> 
> Now, what I am hoping someone here can tell me is:
> 
> 1.) What programs are suggested for the tasks we need as outlined
> above?
fetchmail
spammassassin
procmail
> 
> 2.) If anyone has already done this or has looked into it very deeply,
> do you have any suggestions of what the best way to go about this is
> and are there any gotchas we should be on the look out for?
Um, the above setup was for a single catch-all POP3 mail account hosted 
by their domain hosts. We used fetchmail to check it every three minutes.
-- 
Regards,
Harry Phillips
--- Failure is not an option,
     it comes bundled with your Microsoft product.

Relevant Pages

  • Re: Verbindung von Win Server 2003 zu Linux
    ... Der Linux Server ist als E-Mail Server eingerichtet, ... Ich will nun von meinem Exchange Server die E-Mails von dem Linux-Server ... Es liegt also nur an dem Exchange Server der ihn einfach nicht finden will. ...
    (microsoft.public.de.exchange)
  • MSF antispam info
    ... Spam and fraudulent e-mail messages are major issues for computer users ... Exchange Server, and Microsoft Exchange Hosted Filtering. ... and personalized spam protection while reducing false positives. ...
    (comp.mail.misc)
  • Re: Are SA Users ALL Idiots?
    ... > owned by ISPs that allow spam to continue. ... other user of your same ISP. ... you end up blocking all e-mails from almost all free ... I still use its Bayesian plug-in to historically ...
    (comp.os.linux.networking)
  • Re: Eigene Nachrichten und Antworten darauf automatisch downloaden (ot)
    ... wesentlich vielfältiger und genauer auf Deine Bedürfnisse abzustimmen. ... Du kannst schon auf dem GMX-Server Filter einrichten, welche E-Mails, ... Letztgenannten sind seit einigen Monaten die wahre Seuche (nicht erst ... Hättest Du ein Problem mit SPAM, dann wüßtest Du, woher das kommt. ...
    (microsoft.public.de.german.inetexplorer.ie6.outlookexpress)
  • Re: Mail spoofing and unwanted/bogus NDRs
    ... this may cause the external spam sender know the ... Microsoft Exchange Server Intelligent Message Filter v2 Operations Guide ... This newsgroup only focuses on SBS technical issues. ... | millions of messages to it all with forged or spoofed e-mail addresses ...
    (microsoft.public.windows.server.sbs)