PureMessage for UNIX: configuring IP Blocker with third-party versions of Postfix

  • Article ID: 17168
  • Rating:
  • 1 customers rated this article 1.0 out of 6
  • Updated: 18 Jul 2011


Using the IP Blocker feature in PureMessage for UNIX with a third-party version of Postfix.

Note: PureMessage for UNIX includes a fully tested version of Postfix. Therefore we only offer limited support for third-party installations of Postfix (see the note below for more details).

Postfix bundled with PureMessage supports passthrough and tempfail behavior when the IP Blocker service is unreachable. However, the third-party version of Postfix can only tempfail when this happens.

Sophos product and version

PureMessage for UNIX

What to do

  1. To enable the IP Blocker service in an external version of Postfix, log in as the root user and add the following line to $PREFIX/postfix/etc/main.cf in a text editor (or use postconf -e):

    smtpd_client_restrictions=check_policy_service inet:localhost:4466

    If PureMessage is running on a different host, substitute 'localhost' with the hostname of the PureMessage server. The hostname must match the one specified in etc/pmx.d/blocklist.conf on the server running pmx-blocker.

  2. If the IP Blocker service is not running, do one of the following:
    • as the PureMessage user ('pmx' by default), run pmx-blocker start
    • On the Local Services tab of the PureMessage Manager, start the IP Blocker service .
  3. As the root user, restart Postfix.

Note: As external/third-party versions of Postfix are not quality assured for integration with PureMessage, Sophos reserves the right not to provide support for an issue that appears to be related to any such custom configuration. We may recommend that you install the PureMessage version of Postfix for further resolution because custom mail transfer agents (MTAs), such as versions of Postfix provided by a third party, may not have the dependencies or the application programming interfaces (APIs) necessary to interface with the Sophos software.

If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent