How to Install and Configure eFa as a Send-Only SMTP

Questions and answers about how to do stuff
Post Reply
null
Posts: 1
Joined: 10 Dec 2019 06:45

How to Install and Configure eFa as a Send-Only SMTP

Post by null »

Hello everyone,

In short, I want to talk about our structure and what we want to do. I would like to send out "only" outgoing e-mails from our e-mail server (eg exchange, zimbra, icewap, etc.) with the "Efa gateway". As antispam, I don't want e-mails sent from outside to be scanned and forwarded to our server.

1) Can I use an Efa gateway in such a structure? Only as "MTA"

2) How should I define "domain addresses already added on Exchange" via EFA Gateway?

3) Is it possible to allow all e-mail transmissions from a specific IP by allowing the e-mail server network address?

4) via EFA (or using the command line interface), e-mail sending "domain or e-mail account for" daily / hour and so on. can email limit be set?

5) Can I remove the e-mail permission for "an e-mail account" from any previously permitted IP address or domain address? For example, suppose the IP address "108.108.108.108" is allowed. I want to block "only finance@example.org" from sending mail while all other accounts with example.org extensions can send emails. Can this be done?

As a new user and as a non-native English speaker, I apologize for all my stupid questions.
webguyz
Posts: 61
Joined: 26 Oct 2016 02:17

Re: How to Install and Configure eFa as a Send-Only SMTP

Post by webguyz »

We use EFA 3.0.25 as a Outgoing Only appliance and it replaced our Mailchannels service we were paying for.

We basically define our EFA as being a Smarthost for the 10 different mail servers on our Class C network. We defined our entire class C of IP's as being allowed to send thru the EFA.

We forward mail for about 250 domains. All domains we forward mail for have a DNS SPF record that includes our entire class C subnet as being allowed to send on behalf of that domain.

Postfix has a neat option to Randomize IP addresses so we use 10 Public Internet addresses to send email. Normal weekday traffic is about 8K emails a day that this one EFA delivers and its barely breaking a sweat. Can probably handle 20k a day or more without a problem.

Here is the link I found that tells you how to modify Postfix to allow random ip's to avoid being rate limited and it works great

https://shami.blog/2016/04/randomize-so ... h-postfix/

You also need to search on how to add additional IP addresses to a Centos server and also setup reverse PTR records for each of the IP's your using in DNS.

We do not allow users to access the outgoing email and we had an admin check the spam daily to see if anything valid got stopped. We also Whitelist/Blacklist as needed and this is a learning process for the first month. Now we don't even check the efa unless someone has an issue. We set our system to keep all non-spam in quarantine for 30 days. After tweaking the Spamassassin score the mail we send hardly ever has any spam. Most spam is from website contact forms being emailed to the website admin.

Other tweaks we did was tell it to ignore outgoing attachment types and also remove any inline signatures or phishing attempt alerts.

With MailChannels we never felt comfortable not knowing what was going on. EFA is great and Mailwatch instantly tells you what you need. We set up SQL filters for quickly checking Spam and other critical info so maintenance is simple.

Really great to save some money and have more control over our outgoing emails.
Post Reply