In this configuration, one server hosts a Postfix instance as an upstream MTA for receiving (Server #1) and a second server hosts a Postfix instance as the downstream MTA for delivering (Server #3). A third server hosts the IMSS daemon, which sits between the two Postfix servers as a scanning proxy (Server #2).
Figure: Sandwich model
Trend Micro recommends deploying Sender Filtering as the first line of defense in your messaging infrastructure. If you choose to enable the Sender Filtering service, the preceding sandwich model will change.
Figure: Sandwich model with Sender Filtering enabled
This configuration is suitable for large corporations with heavy SMTP traffic. Each server has its own specific purpose and task and will not affect other servers. Using this type of setup increases your network load.
This configuration is highly flexible; you can replace Postfix with any SMTP MTA, but you are responsible for setting up connection control and domain relaying.
Here are the configuration settings if you use Postfix as the MTA:
  • In /etc/postfix/main.cf on server #1, add the following to relay mail to server #2:
    relayhost=[ip_of_server2]:10025 
    default_destination_recipient_limit=100 
    default_destination_concurrency_limit=50
    
    (Sender Filtering only) FoxProxy is a key FoxHunter component that collects client behavior statistics and blocks or rejects SMTP client connections depending on the reputation data available from the local BIND server or Trend Micro Email Reputation Services (ERS). FoxLib is a component used by Postfix to provide the IP address of the SMTP client that contacts FoxProxy instead of the FoxProxy IP address (127.0.0.1). FoxLib is implemented by the shared library libTmFoxSocketLib.so. Postfix loads this library during startup based on the import_environment configuration setting in the Postfix main.cf configuration file:
    import_environment = MAIL_CONFIG MAIL_DEBUG MAIL_LOGTAG
    TZ XAUTHORITY DISPLAY LANG=C
    LD_PRELOAD=/opt/trend/imss/lib/libTmFoxSocketLib.so
    TM_FOX_PROXY_LIST=/opt/trend/imss/config/foxproxy.list
    TM_FOX_PROXY_CONNECT_PORT=2500
    
  • In /opt/trend/imss/config/imss.ini, open connection restrictions and point the downstream server IP to server #3:
    imss socket binding address 
    [socket] 
    proxy_smtp_server_ip=all 
    [smtp] 
    smtp_allow_client_ip=127.0.0.1, ip_of_server1 
    downstream_smtp_server_addr=ip_of_server3
    
  • In /etc/postfix/master.cf on server #3, modify smtpd settings to receive mail on port 10026:
    10026 inet n - n - - smtpd
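
The settings above have to agree across servers, so the following added example (not Trend Micro code) cross-checks the main.cf and imss.ini fragments, including the case where the indentation of the import_environment continuation lines is lost and Postfix no longer sees LD_PRELOAD. The function names, the 192.0.2.x sample addresses and the rule that only 127.0.0.1 and server #1 belong in smtp_allow_client_ip are assumptions made for the example.

```python
import configparser

FOX_VARS = ("LD_PRELOAD", "TM_FOX_PROXY_LIST", "TM_FOX_PROXY_CONNECT_PORT")

def parse_main_cf(text):
    """main.cf: 'name = value'; a line that starts with whitespace continues the previous one."""
    params, last = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and last:
            params[last] += " " + raw.strip()
        elif "=" in raw:
            last, value = (part.strip() for part in raw.split("=", 1))
            params[last] = value
    return params

def audit(main_cf, imss_ini, server1, server2, server3, sender_filtering=False):
    """Return findings; an empty list means the fragments match the sandwich layout."""
    findings, pf = [], parse_main_cf(main_cf)
    if pf.get("relayhost") != f"[{server2}]:10025":
        findings.append("relayhost is not [server2]:10025")
    env = pf.get("import_environment", "").split()
    for var in FOX_VARS if sender_filtering else ():
        if not any(item.startswith(var + "=") for item in env):
            findings.append("import_environment lacks " + var)
    ini = configparser.ConfigParser(interpolation=None)
    ini.read_string(imss_ini)
    allowed = {ip.strip() for ip in ini.get("smtp", "smtp_allow_client_ip", fallback="").split(",")}
    if server1 not in allowed:
        findings.append("server #1 is not in smtp_allow_client_ip")
    # Assumption: only loopback and server #1 should reach the scanning proxy.
    for ip in sorted(allowed - {"127.0.0.1", server1, ""}):
        findings.append("unexpected client allowed: " + ip)
    if ini.get("smtp", "downstream_smtp_server_addr", fallback="") != server3:
        findings.append("downstream_smtp_server_addr is not server #3")
    return findings

# Constructed samples; 192.0.2.x stands in for the page's ip_of_serverN placeholders.
GOOD_MAIN_CF = """relayhost=[192.0.2.20]:10025
import_environment = MAIL_CONFIG MAIL_DEBUG MAIL_LOGTAG
    TZ XAUTHORITY DISPLAY LANG=C
    LD_PRELOAD=/opt/trend/imss/lib/libTmFoxSocketLib.so
    TM_FOX_PROXY_LIST=/opt/trend/imss/config/foxproxy.list
    TM_FOX_PROXY_CONNECT_PORT=2500
"""
BAD_MAIN_CF = GOOD_MAIN_CF.replace("\n    ", "\n")  # continuation indentation lost
GOOD_INI = "[smtp]\nsmtp_allow_client_ip=127.0.0.1, 192.0.2.10\ndownstream_smtp_server_addr=192.0.2.30\n"
BAD_INI = GOOD_INI.replace("192.0.2.10", "192.0.2.10, 198.51.100.7")  # extra client added
```

Call `audit()` with the text of the real files and the three server addresses; pass `sender_filtering=True` only when the FoxLib preload is expected.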