Hello,

I use mailcow and proxmox mail gateway (pmg). Mails from and to external addresses will be send trough pmg well. I setup a transport map which I select at the domain settings. But I also want local mails should be checked by pmg. I tried to setup a transport map with destination *. Then all mails are sended to pmg and back to mailcow but then the mails stay in the queue and will not delivered to the mailbox. So is it possible to setup my idea?

mailcow mailbox1 will send to mailcow mailbox2. So mailcow send the mail to pmg, there the mail will be checked and then pmg send the mail back to mailcow. Mailcow recognized the mail from the pmg and will put the mail directly to the mailbox.

Best regards,

BJ

  • Thank you for your ideas. Regardless of your understanding of why I’m using pmg, a solution would be nice. It is currently not possible to do it without pmg. I asked the mailow company for support some time ago but didn’t get any response. Perhaps the mail got lost in space 🙂. So self is the man.

    I found a way. This is not ideal yet, but it works for now and should survive an update. It could bring some problems if mailcow changes the handling of incoming mails from the clients. So it need to be verified before each update. In case anyone needs a similar solution, here’s what I did:

    In the folder “/opt/mailcow-dockerized/data/conf/postfix”

    cp anonymize_headers.pcre extra_modify_headers.pcre

    edit “extra_modify_headers.pcre” and add the following line at the bottom

    /^Subject: (.*)$/ FILTER smtp:PMGSERVER

    edit “extra.cf” and add the following line at the bottom

    smtp_header_checks = pcre:/opt/postfix/conf/extra_modify_headers.pcre

    restart docker postfix container and done.

    Also set sender dependent transport for every domain in mailcow GUI.

    What happens?

    Mailcow uses postfix to replace the headers of mails from the clients at port 465,587. Incoming mails on port 25 doesn’t need the replacement. The rules to edit the header are placed in the “anonymize_headers.pcre” file. The file will be overwritten by mailcow updates, so this must be copied. I added a rule to set a new filter for the mail. The filter is reachable through smtp as the line shows. I choose one header which should match every mail. Setting any header would increase postfix logs a lot because the filter would be set again and again for every matching header. After the mail passed the first queue the mail will be send to the filter in this case pmg. pmg can now do its work and then send the mail back to mailcow at port 25. Here the mail get processed normally like every other external mail. The “extra.cf” file is used by mailcow for custom modifications at the main.cf. So it survive updates.

    My frist idea was to edit the master.cf but this will not survive updates. At the moment mailcow only accept custom main.cf entries as I could see in the docs.

    If someone knows another solution, it would be nice if we exchange ideas.

    Best regards,

    BJ

Why would you also have local mails checked by pmg? This is already done internally with mailcow, with clamav and oletools/olefy.

Have something to say?

Join the community by quickly registering to participate in this discussion. We'd like to see you joining our great moo-community!

PMG gives necessary features for me. At the moment it would be too much work to build the same features in mailcow if it would be possible. So it is easier to force all mails going trough the pmg if possible.

About which features are you talking? Again, antivirus and office macro checks are automatically done within mailcow. It uses even the same ClamAV as PMG does…
I don’t get why it would be “too much work”?
Which additional features do you need for internal communication?

  • Different third party antivirus scanner
  • Third Party ClamAV Databases
  • Third Party SpamAssassin Modules
  • Cluster-wide training
  • Tracking Center

I use a lot of third party integrations and solutions from and for proxmox. Not every integration is available for rspamd or possible to integrate with mailcow easily. Every mail also internal mails, should be handled like possible bad mails. Also mails between different domains on the same server must be handled as external mails. At the moment it would be easier to send the mails trough pmg instead of changing to mailcow only.

docs.mailcow.email Icon Additional Databases - mailcow: dockerized documentation

docs.mailcow.email Icon docs.mailcow.email
Additional Databases - mailcow: dockerized documentation
None
docs.mailcow.email

Spamassassin for mails inside the same mailserver??
Cluster? I didnt know that mailcow is a cluster product, and as you have already PMG at the edge handling spam, cluster wide training makes no sense.
Your use case sounds like a commercial one, so you should approach the company behind mailcow for feature request.

Thank you for your ideas. Regardless of your understanding of why I’m using pmg, a solution would be nice. It is currently not possible to do it without pmg. I asked the mailow company for support some time ago but didn’t get any response. Perhaps the mail got lost in space 🙂. So self is the man.

I found a way. This is not ideal yet, but it works for now and should survive an update. It could bring some problems if mailcow changes the handling of incoming mails from the clients. So it need to be verified before each update. In case anyone needs a similar solution, here’s what I did:

In the folder “/opt/mailcow-dockerized/data/conf/postfix”

cp anonymize_headers.pcre extra_modify_headers.pcre

edit “extra_modify_headers.pcre” and add the following line at the bottom

/^Subject: (.*)$/ FILTER smtp:PMGSERVER

edit “extra.cf” and add the following line at the bottom

smtp_header_checks = pcre:/opt/postfix/conf/extra_modify_headers.pcre

restart docker postfix container and done.

Also set sender dependent transport for every domain in mailcow GUI.

What happens?

Mailcow uses postfix to replace the headers of mails from the clients at port 465,587. Incoming mails on port 25 doesn’t need the replacement. The rules to edit the header are placed in the “anonymize_headers.pcre” file. The file will be overwritten by mailcow updates, so this must be copied. I added a rule to set a new filter for the mail. The filter is reachable through smtp as the line shows. I choose one header which should match every mail. Setting any header would increase postfix logs a lot because the filter would be set again and again for every matching header. After the mail passed the first queue the mail will be send to the filter in this case pmg. pmg can now do its work and then send the mail back to mailcow at port 25. Here the mail get processed normally like every other external mail. The “extra.cf” file is used by mailcow for custom modifications at the main.cf. So it survive updates.

My frist idea was to edit the master.cf but this will not survive updates. At the moment mailcow only accept custom main.cf entries as I could see in the docs.

If someone knows another solution, it would be nice if we exchange ideas.

Best regards,

BJ

a year later

I dont know how to do it in mailcow, but actually the right way to do this is by adjusting the Postfix master.cf with a content filter as follows:

Find /etc/postfix/master.cf and look for the submission entry and add the content_filter= below:

submission inet n       -       n       -       -       smtpd
  -o content_filter=smtp:[pmg.example.com]:25

and repeat for smtps

smtps     inet  n       -       n       -       -       smtpd
  -o content_filter=smtp:[pmg.another.com]:25

The result is all mail received from your email accounts (submitted through ports submission port 587/tcp or smtps port 465/tcp) will be sent to the content filter specified, which is PMG. If the PMG is located on the same network you can specify port 26 FYI.

I haven’t figured out how to configure this kind of change for mailcow but this would be wonderful if configurable by the web-interface.

Just a quick follow-up, I was able to make the necessary changes to my mailcow set by editing /opt/mailcow-dockerized/data/conf/postfix/master.cf as above and restarting the postfix container. Both my incoming and outgoing email goes through PMG.

MX record points to PMG, and then setup a transport for your example.com to point to mailcow.example.com port 25 without MX lookup.

If you are receiving email to PMG first, on the Mailcow side in addition to the master.cf edits you’ll need to add a filter rule for incoming email as follows: System->Configuration->Options->Forwarding Hosts, then add the IP (or I guess domain name) of your PMG server so it will accept incoming mail from it since you’ve asked PMG to do the virus/spam check, greylisting or whatever else, the result is already clean for mailcow. Otherwise Mailcow might reject emails from PMG.

Hope this helps anyone else.

No one is typing