MPP has an integrated Policy Server for Postfix that is based on the Postfix SMTP access policy delegation protocol. What makes MPP unique is that our pre-queue policy server and post-queue content filter work in tandem. Additionally, the policy server is integrated into our own PolicyEngine so that our smtp checks can easily be applied on a per-group, per-address or per-domain basis.

MPP can intelligently decide if a message can be processed pre or post-queue based on the message characteristics. For example, an email for one policy-group that is blacklisted for the entire group can be dropped pre-queue while a message with multiple policy-matches and multiple bl preferences must be handled post-queue. No other solution for Postfix, commercial or open source, has this integrated approach.

MPP has many features integrated in our policy server including Access Control Lists, reputation lists, spam traps,  automatic black lists, per-user and per-group WBL's, ClientHostWBL's, Greylisting, SPF and more. All pre-queue checks are integrated in our policy framework for per-group application.

Postfix Policy Server Setup

Postfix version 2.3 or higher and MPP version 3 or higher are required to use Policy Server feature. To have MPP and Postfix configured with Policy server, you should run /usr/local/MPP/scripts/configure.pl. 

 In main.cf add the following

# -- Added for MPP --
content_filter = mppscan:[127.0.0.1]:10025
# -- end --

2) In master.cf add the following

# -- Added for MPP --
localhost:10026 inet    n       -       n       -       10      smtpd
        -o content_filter=
        -o local_recipient_maps=
        -o relay_recipient_maps=
        -o myhostname=localhost.domain.tld
        -o smtpd_helo_restrictions=
        -o smtpd_client_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o mynetworks=127.0.0.0/8
        -o smtpd_data_restrictions=
        -o smtpd_end_of_data_restrictions=
        -o smtpd_authorized_xforward_hosts=127.0.0.0/8

mppscan    unix    -       -       n       -       10      lmtp
        -o lmtp_send_xforward_command=yes
        -o lmtp_cache_connection=no
# -- end --

3) Confirm that mppd is running and configured for postfix:

 "<email_server>postfix</email_server>"
 "<email_server_in_protocol>lmtp</email_server_in_protocol>"

4) Restart Postfix

NOTE: for Policy Server extra steps are required. Continue to step 5)

5) In mppd.conf.xml:

<policy_enabled>yes</policy_enabled>

6) In main.cf

- smtpd_recipient_restrictions MUST contain "check_policy_service inet:127.0.0.1:9998"

as last restrictions before permit

smtpd_recipient_restrictions =
    permit_mynetworks,
    reject_unauth_destination,
    check_policy_service inet:127.0.0.1:9998,
    permit

- smtpd_data_restrictions MUST contain "check_policy_service inet:127.0.0.1:9998"

smtpd_data_restrictions = check_policy_service inet:127.0.0.1:9998

7) In master.cf

- add "-o content_filter=" on line after "smtp" service

# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       -       -       -       smtpd
   -o content_filter=

8) restart both Postfix and mppd