bernhard: doc/raw-howtos email-split-setup.txt,NONE,1.1
cvs at intevation.de
cvs at intevation.de
Mon Aug 15 15:44:25 CEST 2005
Author: bernhard
Update of /kolabrepository/doc/raw-howtos
In directory doto:/tmp/cvs-serv24161
Added Files:
email-split-setup.txt
Log Message:
Added this new raw-howto on how to setup an email split with
an existing MTA that "owns" the same email domain.
--- NEW FILE: email-split-setup.txt ---
Kolab Server Mailsplit Setup
============================
$Id: email-split-setup.txt,v 1.1 2005/08/15 13:44:23 bernhard Exp $
Tested with Kolab Server 2.0 .
Aim: You want to set up a Kolab Server to be responsible for a fraction
of your users, but continue to run the other email server.
Interesting for tests and gradual migration.
Flow of emails:
Incoming --------> Other MTA --------> Outgoing
| ^
(optional: <-+ |
keep a copy) | |
| |
v |
Kolab Server
What to do when you have an mail transport agent (MTA)
which feels responsible for real.example.com
and want to have _some_ users on the Kolab Server?
Make the MTA (e.g. exchange) rewrite the envelope addresses to
@tokolab.real.example.com and fowarded it to the Kolab Server.
Optionally you can keep a copy on this MTA as a backup.
The email arrives at the Kolab Server.
And we need to rewrite the envelope back within Postfix:
main.cf (use the template to make the change):
virtual_maps = hash:/kolab/etc/postfix/virtual, ldap:ldapdistlist, ldap:ldapvirtual
in /kolab/etc/postfix/virtual (use the template to make the change):
@tokolab.example.com @real.example.com
To accept emails within example.com though they are not on the server,
we need to switch of the check for unlisted recipients.
Do not set local_recipient_maps and
Remove "reject_unlisted_recipient," from smtpd_recipient_restrictions:
main.cf
local_recipient_maps =
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
check_policy_service unix:private/kolabpolicy
Next it must be decided
whether to keep the email because the user is on this server
or to send it back to the other MTA.
Postfix can do an ldap request to determine the transportation path.
More main.cf settings (use template):
transport_maps = ldap:ldaptransport, ldap:ldapkolabmailboxfilter, hash:/kolab/etc/postfix/transport
ldapkolabmailboxfilter_domain = @@@postfix-mydomain@@@
ldapkolabmailboxfilter = @@@ldap_uri@@@
ldapkolabmailboxfilter_search_base = @@@user_dn_list@@@
ldapkolabmailboxfilter_query_filter = (&(mail=%s)(objectClass=kolabInetOrgPerson)(!(cn:dn:=external)))
ldapkolabmailboxfilter_result_attribute = mail
ldapkolabmailboxfilter_result_filter = kolabmailboxfilter
ldapkolabmailboxfilter_search_timeout = 15
ldapkolabmailboxfilter_scope = sub
ldapkolabmailboxfilter_bind = yes
ldapkolabmailboxfilter_bind_dn = @@@php_dn@@@
ldapkolabmailboxfilter_bind_pw = @@@php_pw@@@
ldapkolabmailboxfilter_version = 3
and /kolab/etc/postfix/transport (use template):
real.example.com smtp:[outgoingsmptserver]
Note the interesting query_filter to exclude the external addressbook.
More information about the commits
mailing list