Mixed Setup
in [Postfix]
|
From: Victor Duchovni on 19 Jul 2010 17:43 On Mon, Jul 19, 2010 at 11:34:11PM +0200, mouss wrote: > if the exchange box wants joe(a)example.com, you can add > smtp_generic_maops entries to rewrite the address back: > joe(a)exchange.example.com joe(a)example.com > (This only works if the transport to exchange is "smtp", as the prefix > of smtp_generic_maps suggests!). More precisely, it only works if the delivery agent is smtp(8), the transport name can be "smtp", "relay", "my-exchange-transport", ... anything that uses the smtp(8) delivery agent. > This approach is better than per user transports, because transport_maps > imply performance overhead Per-user transport lookups are OK per-se, but typically these imply accessing a remote directory (SQL, LDAP, ...), and it is use of remote data sources for transport lookups (not whether the lookup key is a user or a domain) that is often not a good idea. -- Viktor.
From: Simone Caruso on 19 Jul 2010 17:43 Il 19/07/2010 23:22, Jonathan Tripathy ha scritto: > > On 19/07/10 22:18, Simone Caruso wrote: >> Il 19/07/2010 22:56, Jonathan Tripathy ha scritto: >>> Hi Everyone, >>> >>> My question isn't directly a Postfix issue, however postfix will be a >>> fundamental element, and any advice would be appreciated. >>> >>> I need to set up an infrastructure which uses a mixture of Linux, and >>> Windows (exchange server). >>> >>> Basically, for a single domain, I wish got some users to have accounts >>> on a Linux mail server (Something similar to >>> http://workaround.org/ispmail/lenny), and some to have accounts on an >>> Exchange server. The level of interaction between the 2 machines should >>> be such that users on each machine can send email to the users on the >>> other (As well as external mx servers of course). >>> >>> The users who have their account on the Linux server, will access their >>> email via IMAP (and send via SMTP). The users of have their account on >>> the exchange server will access their email via "Outlook Anywhere" - >>> this is where Exchange encapsulates RPC inside HTTPS packets, and runs >>> the connection on a single port (443). >>> >>> My current train on through is this: Have all incoming email terminate >>> on the Linux (Postfix) box. For users who have their account on the >>> Linux box itself, this will automatically work. For users who have their >>> account on the exchange server, I can use Postfix Virtual Aliases to >>> "forward" the mail to the account on the exchange box. The exchange box >>> would have to be set up with accounts that are non-accessible from >>> outside (e.g. user1(a)domain.local). Regarding access from outside, I'm >>> thinking of just placing the 2 servers in a DMZ, and using a single >>> static IP address, port forward 25 (SMTP), 110 (IMAP) to the Linux box >>> and and 443 (Outlook Anywhere) to the exchange box. >>> >>> Does this sound like an acceptable solution? >>> >>> Thanks >> You can setup an user database (ldap, sql) and select a different >> mailbox transport on domain or user basis.. you can use imap proxies >> as well. > > Hmm interesting, so you are saying that I could have a Postfix "front > end" (which handles incoming mail from third parties only) which > forwards mail to the correct server based on user? So 3 servers in total > then? > > That's incoming mail from third parties sorted, but what about sending > mail? I'd just forward a port to the Linux Mail Server (not the > frontend) and get users to send mail through that? (This would be for > users who have their account on the Linux Mail Server. The exchange box > does everything on a single port) u can use ldap maps on active directory -- Simone Caruso IT Consultant +39 349 65 90 805 p.iva: 03045250838
From: mouss on 19 Jul 2010 17:58 Jonathan Tripathy a �crit : > [snip] >>> >>> Does this sound like an acceptable solution? >>> >>> >> yes. it is. >> >> for delivery, you can use virtual aliases: >> joe(a)example.com joe(a)exchange.example.com >> >> if the exchange box wants joe(a)example.com, you can add >> smtp_generic_maops entries to rewrite the address back: >> joe(a)exchange.example.com joe(a)example.com >> (This only works if the transport to exchange is "smtp", as the prefix >> of smtp_generic_maps suggests!). >> >> >> This approach is better than per user transports, because transport_maps >> imply performance overhead (and also: transport_maps are global inside >> a postfix instance, so you have less flexibility). >> >> > > Hi mouss, > > Thanks for that > see also Viktor mail for more accurate information. > Can you please explain why I would need to use smtp_generic_maps? I'm > not entirely sure of the use of it in this context. > you only need that if your exchange is configured to receive mail for joe(a)example.com and not for joe(a)exchange.example.com. if you configure exchange to accept mail for joe(a)exchange.example.com and make it consider this the same thing as joe(a)example.com, then you don't need smtp_generic_maps. if on the other hand your exchange (or whatever internal server) only wants joe(a)example.com, then postfix gives you the opportunity to rewrite the addresses at delivery time (after virtual_alias_maps are expanded). This is an exceptionally nice feature in postfix. it means you can do rewrite at input (virtual_alias_maps) then at output (smtp_generic_maps). This somewhat resembles NAT in packet filters that allow you to do NAT at input (map destination IP address) and at output (map source IP address) for a single IP packet.
From: Jonathan Tripathy on 19 Jul 2010 18:02 >> Can you please explain why I would need to use smtp_generic_maps? I'm >> not entirely sure of the use of it in this context. >> >> > you only need that if your exchange is configured to receive mail for > joe(a)example.com and not for joe(a)exchange.example.com. > > if you configure exchange to accept mail for joe(a)exchange.example.com > and make it consider this the same thing as joe(a)example.com, then you > don't need smtp_generic_maps. > > > if on the other hand your exchange (or whatever internal server) only > wants joe(a)example.com, then postfix gives you the opportunity to rewrite > the addresses at delivery time (after virtual_alias_maps are expanded). > This is an exceptionally nice feature in postfix. it means you can do > rewrite at input (virtual_alias_maps) then at output > (smtp_generic_maps). This somewhat resembles NAT in packet filters that > allow you to do NAT at input (map destination IP address) and at output > (map source IP address) for a single IP packet. > > > Now that's a cool feature! However, I think I'll stick with giving the exchange server an "internal" domain, like "exchange.local", as this is what I'm familiar with and I have already got this setup to work. Things get messy as Exchange needs active directory as well. Now, all I need now is some nice "central" address book that works across both Thunderbird (for the Linux mail server users) and Outlook..
From: mouss on 19 Jul 2010 18:24 Jonathan Tripathy a �crit : > [snip] >> >> > > Now that's a cool feature! > > However, I think I'll stick with giving the exchange server an > "internal" domain, like "exchange.local", as this is what I'm familiar > with and I have already got this setup to work. if you can, avoid ".local". This is not a reserved suffix. instead, use a subdomain of yours. > Things get messy as Exchange needs active directory as well. > > Now, all I need now is some nice "central" address book that works > across both Thunderbird (for the Linux mail server users) and Outlook.. hmm. TB supports AD (via LDAP), doesn't it?
First
|
Prev
|
Next
|
Last
Pages: 1 2 3 4 Prev: Email Sys Admin, NYC | 80-100k+ Next: PATCH: defer when pipe command dies |