How can I activate journaling in Postfix (Linux)?

If you use EuropeanMX for both inbound and outbound email filtering (using the smarthost setup), all external SMTP communication is automatically archived as part of the domain for which archiving is enabled. However, Postfix does not forward the internal communication via the outgoing smart host, so the internal communication is not archived by default.

However, archiving internal communication via EuropeanMX is quite simple and can be activated in just a few steps. The journaling system allows Postfix to automatically send a copy of all internal communication to an external e-mail address. As long as you have set up the external e-mail address with EuropeanMX for archiving, the EuropeanMX inbound filter will process the message and archive it. Configure the destination address to which the journaling reports are sent as a recipient in the approval list. This means that no filtering takes place for the received messages.

There are two ways to configure journaling with Postfix:

• Using a local journaling address: Here you create a journaling address that is local to your main domain configured in EuropeanMX, e.g. your domain name is meinedomain.de, and you decide to use europeanmxjournal@meinedomain.de.
• Using a local journaling address: Using the global journaling address: Here you use the global journaling address that the domain uses in EuropeanMX, e.g. 12h66634-2fg6-8f49-bd81-3b7c11b692dc-meinedomain.de@mx1.europeanmx.eu. 

Before you set up journaling with the global or a local journaling address, you must ensure that archiving is activated in EuropeanMX. You can find instructions on how to activate this in our FAQ "How can I set up the archive function for my domain?".

Configure journaling with a local journaling address in Postfix (Linux)

Setting up journaling with a local journaling address is a three-step process:

1. Creating an SMTP transport rule for the journaling address generated in EuropeanMX and a pipe for an internal address in your email system that will be used to forward emails to the journaling script.
2. Editing the primary Postfix configuration file and adding an external pipe transport to the journaling script.
3. Creating a script that determines if there are internal mails that need to be logged.
4. Restarting the Postfix server

Step 1: Create a transport rule for each of the two journaling addresses

Step 2: Edit the primary Postfix configuration file and add an external pipe transport to the journaling script.

Now add the following lines to /etc/postfix/master.cf (it is necessary that the second line is indented):

external-pipe unix - n n - - pipe
    flags=DRhu user=dovecot:dovecot argv=/etc/postfix/journal.sh {-f $sender} {-j <external journal address>} {-d <yourdomain>}

Step 3: Create a script that determines whether the mails are internal and need to be logged.

The following script provides you with a basis for your own script. Please adapt it to your own environment. Save the script as etc/postfix/journal.sh (if you save it elsewhere, you must adapt the file master.cfso that the change is taken into account).

#!/bin/bash
################
#
#  Takes three parameters: -f <the from address> -j <journaling address> -d <the local domain>
#
###############
while getopts f:d:j: option
do
    case "${option}"
    in
    f) FROM_ADDRESS=${OPTARG# };;
    j) JOURNAL_ADDRESS=${OPTARG# };;
    d) LOCAL_DOMAIN=${OPTARG# };;
    esac
done
TO_ADDRESS="unset"
TO_DOMAIN=
FROM_DOMAIN=
#Create a temp file
OUTFILE="$(mktemp)"
#Cleanup on errors
trap "rm -f $OUTFILE; exit 1" 0 1 2 3 13 15 # Exit, HUP, INT, QUIT, PIPE, TERM
#Write the email to temp file and also read it to find the to and from addresses
tee $OUTFILE |
{
while read -r LINE
do
    if [[ "$TO_ADDRESS" == "unset" ]] ; then
    #Read this line and see if it is the To: line, if it is then strip out the email address
    THIS_LINE=`echo $LINE | grep -E "^(To:)" | grep -E -o "(\S)*@(\S)*" | sed 's/<//;s/>//'`
        If the address hasn't already been captured, store it into TO_ADDRESS
        if [[ $THIS_LINE ]] ; then
        TO_ADDRESS=$THIS_LINE
        break
        fi
done
#Strip the domain from the to and from email addresses
TO_DOMAIN=$(echo $TO_ADDRESS | sed 's/.*@//')
FROM_DOMAIN=$(echo $FROM_ADDRESS | sed 's/.*@//')
#If the domains match then go ahead and send it to the journaling address
if [[ "$TO_DOMAIN" == "$LOCAL_DOMAIN" && "$LOCAL_DOMAIN" == "$FROM_DOMAIN" ]]; then
    cat $OUTFILE | /usr/sbin/sendmail -f $FROM_ADDRESS -t $JOURNAL_ADDRESS
fi
}
#Cleanup
rm -f $OUTFILE
trap 0
exit $exit_status

Step 4: Restart Postfix

After you have carried out steps 1 - 3, you should restart Postfix.

Setting up journaling with the global journaling address in Postfix (Linux)

Find the global journal address

The global journal address can be found under Archiving > Status. Make sure that archiving is activated.

Setting up the global journaling address in Postfix (Linux)

The following instructions are based on the assumption that Procmail is not yet in use. If you are already using Procmail, please start with step 3.