At TBits.net we have a setup for a customer, where Kolab 3.4 needs to cooperate with Exchange, and with an older mail system during the transition. This post describes how to configure Postfix to do this job.

The scenario:

Exchange is used for a smaller number of power users. They need to work with Outlook, and that is at the moment still best integrated with Exchange. Of course we are eagerly waiting for Copenhagen/OpenChange to be functional, so that Kolab can act as an Exchange server towards Outlook… But that is for the future, and we need a working solution today.

For the vast number of users, Kolab is sufficient (they actually only need email, so IMAP and SMTP are enough), so the customer decided that for monetary reasons Kolab is a better solution for them.

During the transition time, when not all mailboxes have been moved to Kolab 3.4 yet, we still need to redirect the emails to the old mail system.

All emails will be routed to the Kolab 3.4 server, and it is the responsibility of the Kolab 3.4 server to distribute the emails either to Exchange, or to the older mail system, or deliver the emails to the local mailboxes.

The solution with Postfix:

There are several points that need to be configured.

First let me explain some of the configuration settings of Postfix:

There is local_recipient_maps in /etc/postfix/main.cf. This defines whether an email is accepted or rejected. If the recipient address is not found in any of the listed tables, the email is rejected and the sender should receive an email with this content: “Recipient address rejected: User unknown in local recipient table”

Furthermore, we have transport_maps in /etc/postfix/main.cf. This defines several destinations where email should go. The order of destinations is important, because the first destination that matches the recipient email address will be the chosen destination and the email will be delivered there.

Local delivery:
In the default configuration, we have

local_recipient_maps = ldap:/etc/postfix/ldap/local_recipient_maps.cf

This checks if the email address belongs to a local mail account.

transport_maps = ldap:/etc/postfix/ldap/transport_maps.cf, hash:/etc/postfix/transport

The instructions in /etc/postfix/ldap/transport_maps.cf direct the emails to the local lmtp socket for local delivery. The file /etc/postfix/transport is usually empty.

Delivery to Exchange:

We need to append a lookup for the mailboxes that are hosted on Exchange:

local_recipient_maps = ldap:/etc/postfix/ldap/local_recipient_maps.cf, ldap:/etc/postfix/ldap/exchange_recipient_maps.cf

The content of that file /etc/postfix/ldap/exchange_recipient_maps.cf looks like this:

server_host = exchange.xy.customer.com
server_port = 389
version = 3
search_base = dc=xy,dc=customer,dc=com
 
bind_dn = administrator@xy.customer.com
bind_pw = topsecret
 
query_filter = (proxyAddresses=smtp:%s)
result_attribute = mail

The bind_pw is the password of your administrator user at Exchange. This way we can use LDAP to query the Exchange server whether there is a user with the email address that an email is directed to.

We also need to add a transport destination:

transport_maps = ldap:/etc/postfix/ldap/transport_maps.cf, ldap:/etc/postfix/ldap/exchange_transport_maps.cf, hash:/etc/postfix/transport

The content of that file /etc/postfix/ldap/exchange_transport_maps.cf looks like this:

server_host = exchange.xy.customer.com
server_port = 389
version = 3
search_base = dc=xy,dc=customer,dc=com
 
bind_dn = administrator@xy.customer.com
bind_pw = topsecret
 
query_filter = (proxyAddresses=smtp:%s)
result_attribute = mail
result_format = smtp:[exchange.xy.customer.com]

The result of this configuration is that emails to recipients with mail accounts on Exchange will be delivered to the Exchange server. On the Exchange server we have the configuration to deliver all emails to the Kolab 3.4 server, if the email account is not local to the Exchange server.
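A check for the two LDAP map files above, as an added example that is not part of the original post: it parses a map file and flags a bind password used without start_tls or an ldaps:// server, a world-readable file, and a bind as administrator. The sample text is a constructed copy of the file shown above; the function names and the mode argument are assumptions of this example.

```python
import stat

# Constructed copy of /etc/postfix/ldap/exchange_recipient_maps.cf from above.
SAMPLE = """\
server_host = exchange.xy.customer.com
server_port = 389
version = 3
bind_dn = administrator@xy.customer.com
bind_pw = topsecret
query_filter = (proxyAddresses=smtp:%s)
"""

def parse_map(text):
    """Parse the 'name = value' lines of a Postfix LDAP map file."""
    params = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            name, value = line.split("=", 1)
            params[name.strip()] = value.strip()
    return params

def audit(text, mode):
    """Return findings for one map file; mode is its st_mode (hypothetical helper)."""
    p = parse_map(text)
    findings = []
    if "bind_pw" in p:
        hosts = p.get("server_host", "").split()
        # A simple bind is only protected by STARTTLS or an ldaps:// URL.
        encrypted = (p.get("start_tls", "no").lower() == "yes"
                     or (hosts and all(h.startswith("ldaps://") for h in hosts)))
        if not encrypted:
            findings.append("bind_pw sent without start_tls or ldaps://")
        if mode & stat.S_IROTH:
            findings.append("file with bind_pw is world-readable")
    # The lookup only reads proxyAddresses and mail, so it needs no admin rights.
    if p.get("bind_dn", "").lower().startswith("administrator"):
        findings.append("binds as administrator; a read-only account is enough")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE, 0o644):
        print(finding)
```

On a real system the mode would come from os.stat() on each file under /etc/postfix/ldap/.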

Delivery of all other email with customer domain to the old mail system:
For the transition time, we want all emails to mail accounts that neither exist on the Kolab 3.4 nor the Exchange server to go to the legacy mail server.

We need to add something to the local_recipient_maps so that the emails don’t get rejected. Of course we only want this during the transition time, because effectively we now accept all emails, even to random email addresses that don’t exist.

local_recipient_maps = ldap:/etc/postfix/ldap/local_recipient_maps.cf, ldap:/etc/postfix/ldap/exchange_recipient_maps.cf, hash:/etc/postfix/legacy_recipients

The content of the file /etc/postfix/legacy_recipients looks like this:

@customer.com   OK
@customer.de   OK

Don’t forget to run postmap /etc/postfix/legacy_recipients to activate this file properly.

You also need to add a couple of lines to /etc/postfix/transport:

customer.com     smtp:192.168.178.15:25
customer.de     smtp:192.168.178.15:25

192.168.178.15 is an example for an internal IP of the legacy mail system.

Again, run postmap /etc/postfix/transport to activate this file properly.

Please note that I am not working with relay_recipient_maps and relay_domains. I think the solution with local_recipient_maps and transport_maps makes sense and works.
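The routing decision configured above, as an added example that is not part of the original post: a simplified model of how a recipient is first checked against local_recipient_maps and then resolved through transport_maps, with and without the transition catch-all. It assumes that each lookup key is searched in all listed tables in order before the next key is tried; the mailboxes are constructed sample data and "lmtp:<local socket>" is a placeholder for the local delivery result.

```python
# Constructed sample data standing in for the two LDAP directories.
KOLAB_LDAP = {"alice@customer.com"}     # mailboxes already on Kolab 3.4
EXCHANGE_LDAP = {"bob@customer.com"}    # found via proxyAddresses on Exchange

# Contents of /etc/postfix/legacy_recipients and /etc/postfix/transport.
LEGACY_RECIPIENTS = {"@customer.com": "OK", "@customer.de": "OK"}
TRANSPORT = {"customer.com": "smtp:192.168.178.15:25",
             "customer.de": "smtp:192.168.178.15:25"}

def recipient_tables(transition):
    """local_recipient_maps, in the order listed in main.cf."""
    tables = [lambda k: "OK" if k in KOLAB_LDAP else None,
              lambda k: "OK" if k in EXCHANGE_LDAP else None]
    if transition:
        tables.append(LEGACY_RECIPIENTS.get)   # catch-all for the old system
    return tables

# transport_maps, in the order listed in main.cf.
TRANSPORT_TABLES = [
    lambda k: "lmtp:<local socket>" if k in KOLAB_LDAP else None,
    lambda k: "smtp:[exchange.xy.customer.com]" if k in EXCHANGE_LDAP else None,
    TRANSPORT.get,
]

def first_match(tables, keys):
    """Try each key against every table in order; the first hit wins."""
    for key in keys:
        for table in tables:
            result = table(key)
            if result is not None:
                return result
    return None

def route(rcpt, transition=True):
    """Return the transport for rcpt, or the reject reason."""
    domain = rcpt.rsplit("@", 1)[1]
    if first_match(recipient_tables(transition), [rcpt, "@" + domain]) is None:
        return "reject: User unknown in local recipient table"
    return first_match(TRANSPORT_TABLES, [rcpt, domain])

if __name__ == "__main__":
    for rcpt in ("alice@customer.com", "bob@customer.com", "nosuchuser@customer.com"):
        print(rcpt, "->", route(rcpt), "| after transition:", route(rcpt, False))
```

The third recipient shows the effect of the catch-all: an address that exists nowhere is accepted and handed to the legacy server, and is rejected again once hash:/etc/postfix/legacy_recipients is removed.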

Relaying outgoing mail through one mailgate

Another configuration of our Postfix makes sure that all our outgoing email passes through one mailgate. This gives us a chance for a central mail scanning service. We have these lines in /etc/postfix/main.cf:

relayhost = [mymailgateA.hoster.com]
smtp_fallback_relay = mymailgateB.hoster.com, mymailgateC.hoster.com

So if the first mailgate is down, the other mailgates are used.
