4.3.5.2. Configuring the AXIGEN Filtering Module

The AXIGEN Milter implementation filter can be enabled from WebAdmin: in the "AntiVirus and AntiSpam" context, enable the application named 'aximilter'.

For more information on Antivirus/Antispam Filters in AXIGEN, see Antivirus/Antispam Filters.

AXIMilter configuration

The milter configuration resides in the /etc/opt/axigen/aximilter.conf file. Depending on the setup you want to achieve, there are multiple options to consider. Because AXIMilter uses TCP sockets, you can use one machine as the mail server and another machine on the network as the mail scanner, or you can use the same machine for both. You should also consider other options, such as the number of threads and/or connections you want to allow at any given time. These can have serious productivity and security implications.

Below you can find explanations for the available configuration options:
  • bindIp <ip> sets the interface AXIMilter listens on for connections from AXIGEN. If the machine running AXIMilter has more than one interface, change this variable to the IP of the interface reachable by the AXIGEN server. This should be set to a LAN IP address, ensuring that the traffic between your MTA and AXIMilter is not visible to anyone else. If you run AXIMilter and AXIGEN on the same machine, you can leave this option unchanged.
  • bindPort <port> is the port that AXIGEN connects to when establishing a connection to the AXIMilter extension. You can set this port to whatever you like, as long as the port is not already bound by another process. The same port must be used when creating the filter in the AXIGEN configuration. AXIMilter has to be listening for connections when AXIGEN initiates the connection to the socket. If the port is not used by another process, you can leave this option unchanged. DEFAULT: 1981
  • rwTimeout <value> is the maximum amount of time allocated to a connection session, expressed in milliseconds. Setting this value too high on a high-traffic server might saturate all the available connections. Setting it too low on a slow machine might interfere with the communications transmitted. The range for this value is 1 - 65535. DEFAULT: 400
  • milterIp <ip> is the IP address of the machine running the third-party milter implementation. As with the "bindIp" variable, this should be set to the local IP address of that particular machine, or left unchanged if the other milter runs locally. DEFAULT: "127.0.0.1"
  • milterPort <port> is the port number AXIMilter connects to when establishing a connection with the third-party milter implementation. This port has to be the same as the one specified in the configuration file of the third-party software, and it is crucial in setting up a working milter implementation. If you change the port in the configuration of your software, you have to change it here too. Most anti-virus scanners use different ports, so make sure to check which port you have to set here before testing your implementation. DEFAULT: 1990
  • logType <type> defines where messages are logged. It can be "system", "file" or "stdout". With "system", messages are logged to the system log; with "file", they are logged to a file; with "stdout", they are logged to standard output. WARNING: if "file" is selected for this property, logFile must also be set. DEFAULT: "system"
  • logFile <file> defines the file where messages are logged if logType has the value "file". DEFAULT: "none"
  • logLevel <level> is the level at which messages will be logged. Possible values are:
    • 0 - only error messages will be logged
    • 1 - error and warning messages will be logged
    • 2 - all messages will be logged
    • DEFAULT: 2
  • processingThreads <threads> is the number of threads ready to process requests. This number also limits the maximum number of connections that can be established to the AXIMilter extension. For example, if you set this value to 3, a maximum of 3 requests can be sent at any given time, so the fate of only 3 emails can be decided at once. When one of these connections is closed, a new one can be opened. Balance this value so that you don't overload the server and, at the same time, don't keep too many emails waiting if you have a lot of traffic. The default value should be sufficient for most modern computers and at the same time reasonable on a medium-sized server. The range for this value is 1 - 128. DEFAULT: 16
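
The option list above can be checked mechanically before AXIMilter is restarted. The following is an added example, not part of the AXIGEN documentation or product: a small audit script that flags values outside the documented ranges, a bindIp or milterIp that is not a loopback or LAN address, and logType "file" without a logFile. It assumes the file holds one whitespace-separated "name value" pair per line with "#" comments (the page does not specify the syntax); `parse_conf` and `audit` are hypothetical names.

```python
import ipaddress
import shlex

# Defaults and ranges from the option list; port bounds are the TCP port range.
DEFAULTS = {"bindPort": "1981", "rwTimeout": "400", "milterIp": "127.0.0.1",
            "milterPort": "1990", "logType": "system", "logFile": "none",
            "logLevel": "2", "processingThreads": "16"}
RANGES = {"bindPort": (1, 65535), "milterPort": (1, 65535), "logLevel": (0, 2),
          "rwTimeout": (1, 65535), "processingThreads": (1, 128)}

def parse_conf(text):
    """Assumed syntax: one 'name value' pair per line, '#' starts a comment."""
    conf = dict(DEFAULTS)
    for line in text.splitlines():
        tokens = shlex.split(line, comments=True)
        if len(tokens) >= 2:
            conf[tokens[0]] = tokens[1]
    return conf

def audit(conf):
    """Return findings for settings that break the documented limits."""
    findings = []
    for key, (low, high) in RANGES.items():
        value = conf.get(key, "")
        if not value.isdecimal() or not low <= int(value) <= high:
            findings.append(f"{key}={value!r} outside {low}-{high}")
    for key in ("bindIp", "milterIp"):
        if key not in conf:
            continue  # the page states no default for bindIp; skip if unset
        try:
            addr = ipaddress.ip_address(conf[key])
        except ValueError:
            findings.append(f"{key}={conf[key]!r} is not an IP address")
            continue
        # Filter traffic should stay on loopback or a LAN address.
        if addr.is_unspecified or not (addr.is_loopback or addr.is_private):
            findings.append(f"{key}={addr} is not a loopback or LAN address")
    if conf["logType"] not in ("system", "file", "stdout"):
        findings.append(f"logType={conf['logType']!r} is not a valid type")
    elif conf["logType"] == "file" and conf["logFile"] in ("", "none"):
        findings.append("logType is 'file' but logFile is not set")
    return findings

# Constructed sample file, not a shipped AXIGEN configuration.
SAMPLE = """
bindIp 0.0.0.0        # listens on every interface
rwTimeout 90000
logType file
"""
```

Calling `audit(parse_conf(SAMPLE))` reports three findings: the out-of-range rwTimeout, the wildcard bindIp, and the missing logFile.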