F-Secure Internet Gatekeeper for Linux/Administrator’s Guide
126
Settings
1 Set up F-Secure Internet Gatekeeper for Linux under a temporary host name (virus-gw) and apply
the following proxy settings:
Proxy settings
SMTP proxy:
On
Proxy port:
25
Global settings
Parent server:
Host name:
<IP address of internal mail server>
Port number:
25
Restrict e-mail recipients:
On
/ <Domain name of internal e-mail accounts>
(Example: example.com)
LAN access settings:
On
Hosts and networks within LAN:
<Hosts within LAN>
(
Example:
192.168.1.0/255.255.255.0
192.168.2.0/255.255.255.0)
2 Configure the internal mail server so that e-mails from virus-gw can be sent to other mail servers.
•
Using sendmail:
①
Add the following line to
/etc/mail/access
:
<IP
address
of
virus-gw
(
Example:
192.168.0.99)> RELAY
②
Run make at
/etc/mail.
#
cd /etc/mail/ ; make
③
Restart sendmail.
#
/etc/rc.d/init.d/sendmail restart
•
Using qmail+tcpserver:
①
Make the following changes in
/var/qmail/rc
.
/usr/local/bin/tcpserver -R -x /etc/tcp.smtp.cdb -u qmaild -g qmail 0 smtp ¥
/var/qmail/bin/qmail-smtpd | /var/qmail/bin/splogger smtpd 3 &
②
Make the following changes in
/etc/tcp.smtp
.
<IP
address
of
virus-gw
(
Example
: 192.168.0.99)>:allow,RELAYCLIENT=""
<Network
within
LAN
(
Example
: 192.168.1.)>:allow,RELAYCLIENT=""
:allow
③
Convert to cdb format with the following command:
#
tcprules tcp.smtp.cdb tcp.smtp.tmp < tcp.smtp