Hello, I’m a student and I was assigned to research mail configuration via ciphermail gateway. Currently, I have installed a mail server using dovecot, postfix and configured ciphermail gateway. but I don’t know how the message can go through the ciphermail gateway to encrypt/decrypt and return to the user. Please help me configure mail transfer. thank you!
CipherMail gateway should be configured as a “postfix after queue filter”, i.e., the first time postfix receives an email, postfix will deliver the email to the CipherMail back-end. After handling, the back-end will then send the email back to postfix for further delivery.
For details on how to configure a postfix after queue filter, see Postfix After-Queue Content Filter
Basically what you need to configure is:
master.cfadd a service (for example name it ciphermail)
ciphermail unix - - n - 4 smtp -o smtp_send_xforward_command=yes -o disable_dns_lookups=yes -o smtp_generic_maps=
content_filterto point to the IP of the CIpherMail back-end
content_filter = ciphermail:[127.0.0.1]:10025
this will send email to the back-end on localhost:10025
Add a “reinjection” port to postfix for email sent by the back-end back to postfix
master.cfadd a service
# injection port for mail handled by the back-end 127.0.0.1:10026 inet n - - - 10 smtpd -o content_filter= -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks,no_milters -o smtpd_helo_restrictions= -o smtpd_client_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o smtpd_tls_security_level= -o mynetworks=127.0.0.0/8 -o smtpd_authorized_xforward_hosts=127.0.0.0/8 -o smtpd_authorized_xclient_hosts=127.0.0.0/8 -o cleanup_service_name=cleanup_reinject
What is important is that
content_filteris set to an empty value to prevent a mail loop
I would suggest you have a look at the Virtual Appliance because that is already a configured and working system.
nice that you are here
I have the very same question, although not a student any longer…
From the discussion - it is NOT clear, which master.cf are you talking about, there will be two: one from the original postfix and one from the ciphermail postfix. This is not clear in your answer.
I setup the Virtual Appliance, still I need to change main.cf/master.cf of the original postfix, otherwise ciphermail will be totally ignored.
Question is: do I need to change name, IP of the original postfix to make ciphermail work?
There need to be more changes than installing and configuring ciphermail, there MUST be changes to the config files of the original postfix, too.
I am lost here as well.
Unfortunately the documentiation does not mention at all. HOWTO, integrate ciphermail, into an existin mail system with one mail server (postfix).
Glad for any help,
Well, it is all in the net…
This post opened my eyes, got everything working, including amavis content filter
Good to hear you got it working