Under “Networks” you add the IPs and networks of servers you want to allow relaying through PMG.
After this, just set your mailserver/webserver to send to pmg.domain.tld:26.
My Postfix looks like this:
relayhost = [smtp.domain.tld]:26
Outgoing is the easy part IMO.
For incoming you need to add the domains under “Relay Domains”.
You can set up a default receiving server under Relaying → Default relay, or you can specify different incoming servers for different domains under “Transport”.
Edit: this has to be done manually AFAIK. There is an API also, but I suck at those things, so never got around to setting up something automagical from Virtualmin, whenever adding domains there. That’s the dream, but for my small setup - and since I control all domains anyway - it works for my needs.
I wish I had an answer that lets you sleep at night. I’m collecting log data to process through AI to alert to any anomalies. I write new rspamd rules every day on my outbound filter server. I monitor a list of senders every hour of every day and continually adjust scripts to ping Pushover if certain criteria is met.
And then, I’ll do it all over again tomorrow. And the next day. And the next. If I rest, they’ll find a way through.
There is no rest unless you pay someone to handle it.
I’d like to but I struggle with how I’d effectively manage outbound spam without access to the servers that are sending to the relays. It can be difficult to stop some events without just blocking the whole other server from the relays, depending on the level of security deployed by the sending server.