bernhard: doc/raw-howtos email-split-setup.txt,NONE,1.1

cvs at intevation.de cvs at intevation.de
Mon Aug 15 15:44:25 CEST 2005


Author: bernhard

Update of /kolabrepository/doc/raw-howtos
In directory doto:/tmp/cvs-serv24161

Added Files:
	email-split-setup.txt 
Log Message:
Added this new raw-howto on how to setup an email split with 
an existing MTA that "owns" the same email domain.


--- NEW FILE: email-split-setup.txt ---
Kolab Server Mailsplit Setup
============================
$Id: email-split-setup.txt,v 1.1 2005/08/15 13:44:23 bernhard Exp $

Tested with Kolab Server 2.0 .

Aim: You want to set up a Kolab Server to be responsible for a fraction
     of your users, but continue to run the other email server.
     Interesting for tests and gradual migration.

Flow of emails:
	
   Incoming -------->    Other MTA  -------->  Outgoing
                           |    ^
           (optional:    <-+    |
            keep a copy)   |    |
	                   |    |
                           v    |
                        Kolab Server

What to do when you have an mail transport agent (MTA) 
which feels responsible for real.example.com 
and want to have _some_ users on the Kolab Server?

Make the MTA (e.g. exchange) rewrite the envelope addresses to
@tokolab.real.example.com and fowarded it to the Kolab Server.
Optionally you can keep a copy on this MTA as a backup.

The email arrives at the Kolab Server.
And we need to rewrite the envelope back within Postfix:

   main.cf (use the template to make the change):
        virtual_maps = hash:/kolab/etc/postfix/virtual, ldap:ldapdistlist, ldap:ldapvirtual

   in /kolab/etc/postfix/virtual (use the template to make the change):
        @tokolab.example.com @real.example.com

To accept emails within example.com though they are not on the server,
we need to switch of the check for unlisted recipients.
Do not set local_recipient_maps and 
Remove "reject_unlisted_recipient," from smtpd_recipient_restrictions:

   main.cf
	local_recipient_maps =

	smtpd_recipient_restrictions = permit_mynetworks,
			permit_sasl_authenticated, 
			reject_unauth_destination, 
			check_policy_service unix:private/kolabpolicy


Next it must be decided 
whether to keep the email because the user is on this server
or to send it back to the other MTA.
Postfix can do an ldap request to determine the transportation path.

More main.cf settings (use template):

    transport_maps = ldap:ldaptransport, ldap:ldapkolabmailboxfilter, hash:/kolab/etc/postfix/transport

    ldapkolabmailboxfilter_domain = @@@postfix-mydomain@@@
    ldapkolabmailboxfilter = @@@ldap_uri@@@
    ldapkolabmailboxfilter_search_base = @@@user_dn_list@@@
    ldapkolabmailboxfilter_query_filter = (&(mail=%s)(objectClass=kolabInetOrgPerson)(!(cn:dn:=external)))
    ldapkolabmailboxfilter_result_attribute = mail
    ldapkolabmailboxfilter_result_filter = kolabmailboxfilter
    ldapkolabmailboxfilter_search_timeout = 15
    ldapkolabmailboxfilter_scope = sub
    ldapkolabmailboxfilter_bind = yes
    ldapkolabmailboxfilter_bind_dn = @@@php_dn@@@
    ldapkolabmailboxfilter_bind_pw = @@@php_pw@@@
    ldapkolabmailboxfilter_version = 3

and /kolab/etc/postfix/transport (use template):
    real.example.com     smtp:[outgoingsmptserver]

Note the interesting query_filter to exclude the external addressbook.





More information about the commits mailing list