On 6/9/2015 11:31 AM, Michael Munger wrote: > I was referring to TCP header re-writes. But, now that I think about > it, the re-write would have to happen at the Exchange level after > receipt. (Can't do it pre-send unless the entire message fit in a > single packet. So... that's not going to work). > > Since this is the case, then I will probably have to migrate the > spam filter to happen at the Postfix proxy, which requires we write > a connector to their CRM system. Not a big deal, but not as easy as > I was hoping. > > Now, back to the proxy setup? Where should I start reading?
Postfix isn't a proxy and can't be configured to behave as one. Maybe you're just using that term to refer to an email gateway/firewall, and not really expecting a proxy. Postfix is commonly used as a high performance front-end for Exchange or other "enterprise" systems. Basic docs here: http://www.postfix.org/STANDARD_CONFIGURATION_README.html#firewall Also, postfix *must* know the valid recipients. If you simply accept all mail and let Exchange bounce the undeliverables, it won't take long for your server to be blacklisted as a backscatter source. Either periodically export a list of recipients from Exchange to postfix, or configure LDAP on the postfix server to query your AD. See google for details. -- Noel Jones