Configuring IP Blocking (External Postfix Version)

PureMessage IP blocking can be configured for an external version of Postfix.

Note
As external/third party versions of Postfix are not quality-assured for integration with PureMessage, Sophos reserves the right not to provide support for an issue that appears to be related to any such custom configuration, and may recommend that you install the version of Postfix that is bundled with PureMessage to further a resolution.
  1. As the root user, add the following line to <InstallDirectory>/postfix/etc/main.cf:
    smtpd_client_restrictions=check_policy_service inet:localhost:4466

    If PureMessage is running on a different host, replace localhost with the hostname of the machine on which PureMessage is installed. The hostname must match the one specified in /opt/pmx6/etc/pmx.d/blocklist.conf on the server that is running the IP Blocker service.

  2. At the command line, as the PureMessage user ("pmx6" by default), run pmx-blocker start.
  3. As the root user, restart Postfix.
Although the version of Postfix bundled with PureMessage can be configured to either pass messages through or tempfail messages when the IP Blocker service is unavailable, external Postfix installations can only tempfail messages.