Spam Experts Help

Configure Journaling in Spam Experts/Postfix on Linux

There are two ways to configure journaling with Postfix:

Before you set up your journaling using either the global or a local journaling address you must first ensure Archiving is enabled in Spam Experts - see Enable Archiving on a Domain.

Set up Journaling Using a Local Journaling Address in Postfix on Linux

There are three steps to setting this up:

The following configuration has been tested on Ubuntu 14.04.5 LTS, other distributions may use different file locations.

Make sure your Postfix configuration files are stored in /etc/postfix/.

Create a Transport Rule for Each of the Two Journaling Addresses

  1. Add the following lines to the postfix transport table e.g. /etc/postfix/transport replacing the placeholder values with appropriate values for your setup (do not include the angle brackets):
  2. <ma-journal-address@yourdomain> smtp:<outbound SMTP server>:587
    <internal-journal-address@yourdomain> external-pipe

  3. Run the following command as root to create the transport database:
  4. postmap /etc/posfix/transport

  5. Ensure that the transport_map line in /etc/postfix/main.cf is set to use the transport map database:
  6. transport_maps = hash:/etc/postfix/transport

Edit the Postfix Master Config File and Add an External Pipe Transport to the Journaling Script

Add the following lines to /etc/postfix/master.cf (the second line must be indented):

external-pipe unix - n n - - pipe
    flags=DRhu user=dovecot:dovecot argv=/etc/postfix/journal.sh {-f $sender} {-j <external journal address>} {-d <yourdomain>}

The script must be run as a non-root user (dovecot in this example) and not as postfix. This is to avoid potential script injection hazards.

Create a Script to Determine if the Mail is Internal and Should be Journaled

The following script can be used as a basis for your own script. Customize it to suit your own environment.

Save it as etc/postfix/journal.sh (if you save it elsewhere you must change master.cf to reflect the change).

#!/bin/bash
################
#
# Takes three parameters: -f <the from address> -j <journaling address> -d <the local domain>
#
###############
while getopts f:d:j: option
do
    case "${option}"
    in
    f) FROM_ADDRESS=${OPTARG# };;
    j) JOURNAL_ADDRESS=${OPTARG# };;
    d) LOCAL_DOMAIN=${OPTARG# };;
    esac
done
TO_ADDRESS="unset"
TO_DOMAIN=
FROM_DOMAIN=
#Create a temp file
OUTFILE="$(mktemp)"
#Cleanup on errors
trap "rm -f $OUTFILE; exit 1" 0 1 2 3 13 15 # Exit, HUP, INT, QUIT, PIPE, TERM
#Write the email to temp file and also read it to find the to and from addresses
tee $OUTFILE |
{
while read -r LINE
do
    if [[ "$TO_ADDRESS" == "unset" ]] ; then
        #Read this line and see if it is the To: line, if it is then strip out the email address
        THIS_LINE=`echo $LINE | grep -E "^(To:)" | grep -E -o "(\S)*@(\S)*" | sed 's/<//;s/>//'`
        #If the address hasn't already been captured, store it into TO_ADDRESS
        if [[ $THIS_LINE ]] ; then
            TO_ADDRESS=$THIS_LINE
            break
        fi
    fi
done
#Strip the domain from the to and from email addresses
TO_DOMAIN=$(echo $TO_ADDRESS | sed 's/.*@//')
FROM_DOMAIN=$(echo $FROM_ADDRESS | sed 's/.*@//')
#If the domains match then go ahead and send it to the journaling address
if [[ "$TO_DOMAIN" == "$LOCAL_DOMAIN" && "$LOCAL_DOMAIN" == "$FROM_DOMAIN" ]]; then
    cat $OUTFILE | /usr/sbin/sendmail -f $FROM_ADDRESS -t $JOURNAL_ADDRESS
fi
}
#Cleanup
rm -f $OUTFILE
trap 0
exit $exit_status

Ensure the script is executable by the user uid set in master.cf

Once you have completed all three steps, restart Postfix.

Set up Journaling Using the Global Journaling Address in Postfix on Linux

To set this up you need to:

Find the Spam Experts Global Journaling Address

You can find the global journal address at the Domain Level, in the Archive > Status page.

If the address ends with '@MX-record-hostname' please use @mx1.mtaroutes.com.

Set up the Global Journaling Address in Postfix on Linux

The following instructions assume that you are NOT already using Procmail. If you are already using Procmail, skip to step 3.

  1. Install Procmail using your distribution’s package management solution – e.g. sudo apt install procmail on Ubuntu or sudo yum install procmail on Centos.
  2. Edit /etc/postfix/main.cf and add the following line:
  3. mailbox_command = /usr/bin/procmail -a "$EXTENSION"

  4. Edit /etc/procmailrc and add the following:
  5. :0c:
    To:\W?.*@(?<domain>.*)(?=(?:From: ?.*@(\k<domain>)))
    !<yourglobaljournaling address>
    $DEFAULT

  6. Restart Postfix – sudo postfix reload

The setup described on this page have been confirmed working in our test environment but should be verified in your own configuration.