Solved

Postfix Domain based Relaying

Posted on 2006-06-13
6
404 Views
Last Modified: 2010-03-17
I have 1 postfix server that recives mail for "domain1.com"
I also have an Exchange server the recieves mail for "domain2.com"

The two of them are on the same private subnet.
Most users use the postfix server to send email

I would like the postfix server to relay any mail with a final destination of "domain2.com" to the exchange server instead of looking up an MX server, and sending the message over the Internet only to have it come back to the exchange server on the LAN.
0
Comment
Question by:tuaris
  • 3
  • 2
6 Comments
 
LVL 25

Expert Comment

by:Cyclops3590
Comment Utility
just so you know I haven't actually done this before, but this Q should help you out
http://www.experts-exchange.com/Networking/Email_Groupware/Q_21863974.html
0
 
LVL 3

Accepted Solution

by:
matheweis earned 100 total points
Comment Utility
I have done this before with both postfix and sendmail.

There's a lot of ways to approach this, but it depends on your setup. I need a little more information to tell you the best approach for your situation.

Are both your postfix and Exchange server open to the internet? (Have public IP's)

Does the postfix server send mail directly, or relay it through your ISP's mail server?

My approach is to simply use an internal DNS server on the same machine as the postfix server. Since the machine is configured to use it's own DNS server, I add MX records for what in your case would be "domain2.com" that point to the Exchange internal IP.
0
 
LVL 1

Author Comment

by:tuaris
Comment Utility
Domain2.com doesn't belong to us, it is not in my control and thier are some host names that the postfix server need to resolve on it.
Postfix sends the mail directly

Both Postfix and Exchange are open to the Interent, but the exchange server is connected to a "mother site" via VPN.  All email for domain2.com goes to that main exchange server.  Any messages that belong to us are sent to our mailboxes on our local exchange server.

The postfix is already acting as a fowarding DNS server for benchmarkmanagement.com
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 3

Expert Comment

by:matheweis
Comment Utility
Well, there are several approaches to solve your problem. Most of the ones I would use involve tricking the postfix server using DNS, and/or using aliases to forward e-mail to the Exchange server.

From your original post, it sounded like you wanted ALL e-mail for domain2.com redirected to a specific server (Namely, you Exchange server) If that's the case, what I mentioned before will work:

It doesn't matter whether you have control over domain2.com or not. You can still create a dummy domain on the postfix server with mx records pointing to your internal Exchange server. Of course it does involve setting up a DNS server, but it sounds like you have that done already. The question is whether or not this is the solution that best fits your needs. Do you know much else about domain2.com? Does all e-mail that belongs to domain2.com go to you, or is it delivered to others as well? How often, if ever, will it's IP's will change - if they do, will you know about it, etc. Judging from what you are saying, it sound like this may not be the best option.


Fom your previous message, it now sounds like you are asking to forward e-mail with a destination of domain2.com, but only specific users of domain2.com, to a specific server of domain2.com, but not the main server for domain2.com...

Alternatively, you can simply set up aliases in postfix to foward messages only for the users directly on YOUR Exchange server. This will do exactly what you want, unfortunately it's not the easiest thing to set up.

a. Choose some dummy domain - for example domain3.com or mydummydomain.com. What the domain is really doesn't matter. You don't need to register it, because you're never going to use it outside of your local network.
b. In the Exchange server, you need to go to the "Active Directory Users and Groups" tool. In the properties of each user, under the e-mail addresses section, you need to add a new SMTP address (user@mydummydomain.com)
c. Create a DNS record for mydummydomain.com on the postfix server, with an MX entry pointing to the Exchange server.
d. Create a virtual alias table in postfix (More info on the here: http://www.postfix.org/VIRTUAL_README.html), with an entry for each user@domain2.com pointing to user@mydummydomain.com
0
 
LVL 1

Author Comment

by:tuaris
Comment Utility
Thank you for your help, I'll do the MX record tip.  I do want all the mail for domain2.com sent to the exchange server, that server will then do what it needs to do (keep the message or send it off to the mother server).

I just wanted to know if there was any other way to do this in Postfix besides using DNS.
0
 
LVL 3

Expert Comment

by:matheweis
Comment Utility
If you want to do it with just postfix other than DNS, and you are okay with forwarding ALL mail from domain2.com to the internal Exchange server, using postfix transports:

In your postfix main.cf, make sure you have the following:
relay_domains = domain2.com
transport_maps = hash:/etc/postfix/transport

In /etc/postfix/transport, put
domain2.com     smtp:[10.0.4.89]

Where 10.0.4.89 is the IP of your Exchange server.

I haven't always had the best of luck with postfix transports, but this one is pretty clear cut, as long as Exchange is okay with the relay method.
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now