Larry Smith Jr.

Larry Smith Jr.

Exploring and sharing practical insights on virtualization, cloud technologies, automation, and DevOps. My mission is to empower others to build, automate, and innovate with confidence.

Ubuntu UTM Homebrew - Part 3 - Mail Proxy and Spam Checker

1 minute read

In this guide we will be setting up a mail proxy and spam checker that will run transparently.  This will be running on our Ubuntu UTM server that we have been building and you can check out Part 1 and Part 2 as well.

We will be using EXIM4 (Using google as a smarthost), P3SCAN, SpamAssassin and clamav (already installed from part 1 of the UTM setup).

So let’s get started.

Install the packages we need for this all to work

sudo apt-get install exim4 sa-exim spamassassin
```bash

Now we need to configure exim to use Google as a smarthost

```bash
sudo dpkg-reconfigure exim4-config
```bash

Choose "Mail sent by smarthost...
Set system mail name to whatever fits for you
On the screen for "IP address or host name of outgoing smarthost"
enter

```bash
smtp.gmail.com::587
```bash

(two colons)
Now we need to configure exim with the username/password to use for
relaying to work through google

```bash
sudo nano /etc/exim4/passwd.client
```bash

add these lines to the end of the file

```bash
smtp.gmail.com:[email protected]:PaSsWoRd
gmail-smtp.l.google.com:[email protected]:PaSsWoRd
*.google.com:[email protected]:PaSsWoRd
```bash

Now we need to configure the iptables rules for the redirect to work as
traffic passes through our bridged utm server and flows through p3scan.
This will be accomplished by adding the following rules.

```bash
sudo iptables -t nat -A PREROUTING -i br0 -p tcp -m tcp --dport 25 -j REDIRECT --to-port 8110
sudo iptables -t nat -A PREROUTING -i br0 -p tcp -m tcp --dport 110 -j REDIRECT --to-port 8110
sudo iptables -t nat -A PREROUTING -i br0 -p tcp -m tcp --dport 143 -j REDIRECT --to-port 8110
```bash

Now we should have a working mail proxy and spam checker as email flows
start passing through the UTM.  This will only work with smtp (tcp/25),
pop3 (tcp/110) and imap (tcp/143).  This setup will not work with any
web based email.  You can verify that email is getting redirected
through the proxy using the following command.

```bash
sudo iptables -L -v -n -t nat

image

And there you go. If you have any questions please let me know.

Updated:

You May Also Enjoy

NFD24 - DriveNets


2 minute read

Recently I had the privilege to attend NFD 24 in which DriveNets presented. I had never heard of them until this event. Which I am shaming myself for because...