Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Web Proxy Filtering and Caching
(Moderator:
fabian
) »
PostFix Gateway
« previous
next »
Print
Pages: [
1
]
Author
Topic: PostFix Gateway (Read 2637 times)
Goombadave
Newbie
Posts: 18
Karma: 0
PostFix Gateway
«
on:
April 26, 2020, 12:24:25 pm »
Recently I set up an email server on my local LAN. It is set to receive mail on a nonstandard port (8025 Port-Forwarded to port 25 on the LAN side) and to send mail SMTP to an email relay, also on a nonstandard port (3325). I have this setup working fine now using a single port forward to take the external (8025) (inbound mail) and send it to the server on port 25.
After configuring this I came across the PostFix plugin which looks pretty cool. My question(s) is, would it make sense to return the mail server on my LAN to a "standard" ports setup and have the Postfix gateway on OPNsense handle sending the outbound mail to the relay? And the same for inbound? Do I understand this correctly that the Postfix gateway is sort of similar to a reverse proxy for my email server? If so would I gain any security benefits using Postfix Plugin instead of Port Forwarding? (as I do with other webservers like Nextcloud) It would seem that I could get another layer of spam filtering with the Postfix Plugin. Mail Server is running Postfix on the LAN.
I have OPNsense installed with several plugins including NGINX as the reverse proxy for a few web services. OPNsense handles SSL offloading with NGINX and Let's Encrypt. I have been happy with NGINX (and HAPROXY) and the integration of Let's Encrypt. Can I/should I reverse proxy a mail server as well with NGINX? or Postfix as the gateway? Or am I fine exposing one external port (port-forwarded 8025 to 25 to mail server)?
Thanks for your input
Thoughts?
Logged
fabian
Moderator
Hero Member
Posts: 2769
Karma: 200
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: PostFix Gateway
«
Reply #1 on:
April 26, 2020, 04:46:40 pm »
The postfix plugin allows the easy integration of rspamd (other plugin) and with that also clamav. It is designed to run a mail server behind which has bad protection.
Logged
Goombadave
Newbie
Posts: 18
Karma: 0
Re: PostFix Gateway
«
Reply #2 on:
April 27, 2020, 03:21:12 am »
Thank, so I will plan to make the change. I assume I would have to set up the relay on the Postfix plugin page in OPNsense and remove the relay auth settings from my mail server itself?
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Web Proxy Filtering and Caching
(Moderator:
fabian
) »
PostFix Gateway