Configuring IP Blocking (External Postfix Version)
PureMessage IP blocking can be configured for an
external version of Postfix.
Note: As external/third party versions of Postfix are not quality-assured for integration with
PureMessage, Sophos reserves the right not to provide
support for an issue that appears to be related to any such custom configuration, and may
recommend that you install the version of Postfix that is bundled with PureMessage to further a resolution.
-
As the root user, add the following line to
<InstallDirectory>/postfix/etc/main.cf:
smtpd_client_restrictions=check_policy_service inet:localhost:4466
If PureMessage is running on a different host,
replace localhost with the hostname of the machine on which PureMessage is installed. The hostname must match the one
specified in /opt/pmx/etc/pmx.d/blocklist.conf on the server that is
running the IP Blocker service.
-
At the command line, as the PureMessage user
("pmx" by default), run pmx-blocker start.
-
As the root user, restart Postfix.
Although the version of Postfix bundled with PureMessage can be configured to either pass messages through or
tempfail messages when the IP Blocker service is unavailable, external Postfix installations can
only tempfail messages.