1 (edited by mg29 2017-04-12 18:24:53)

Topic: Setup iRedMail as Mail gateway for a subdomain

======== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.6
- Linux/BSD distribution name and version: 16.04.2 LTS
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? No
- Related log if you're reporting an issue:
====

I'm trying to set up iRedMail as a mail gateway for a subdomain.
We host a groupware solution based on Kopano onsite and want to use iRedMail as a relayhost.
The mails are coming in from host.ad.example.com.
I set up my domain example.com in iRedAdmin and I rewrite the originating address with smtp_generic_maps:

@ad.example.com @example.com

and added my IP to mynetworks in main.cf as well as to the iredapd settings file.
Everything works fine, except DKIM signing of mails. The key ad.example.com has been set up and the public key
has been published in DNS:

TESTING#2 example.com: dkim._domainkey.example.com => pass
TESTING#3 ad.example.com: dkim._domainkey.ad.example.com => pass

What exactly am I missing here? Also, SA is marking the messages coming from my internal host with a score of >5 for some reason. Any input is appreciated.

I can find the following line in dbg output:

SA dbg: spf: query for mg@example.com/xx.xx.xx.xx/host.ad.example.com: result: fail


2

Re: Setup iRedMail as Mail gateway for a subdomain

As a gateway of subdomain, you can simply add this subdomain in iRedMail, then mark it as backup mx. Search this forum, you will find detailed doc about how to mark a domain as backup mx.

PS. iRedAdmin-Pro can manage backup mx directly.

3

Re: Setup iRedMail as Mail gateway for a subdomain

Hi Zhang,

thanks for the fast reply. I want to achieve something like the following:

http://i.imgur.com/ps8JS5g.png

As you can see, everything works as expected, except the signing of the message, if it originates from my onsite mx.
If I send the mail locally through RC, the mail gets signed properly.
So how can I make amavis sign the mails coming from my onsite mx?

4

Re: Setup iRedMail as Mail gateway for a subdomain

First of all, please share with me the software name you used to draw this diagram. :D

5

Re: Setup iRedMail as Mail gateway for a subdomain

ZhangHuangbin wrote:

First of all, please share with me the software name you used to draw this diagram. :D

Oh, that's just a quick draft I made with MS Visio 2016.
It's quite amazing what you can do with it if you are familiar with it.

BTW, if you need any debug logs, be my guest. It's just a bit time-consuming to mask all the confidential stuff :/

6

Re: Setup iRedMail as Mail gateway for a subdomain

mg29 wrote:

So how can I make amavis sign the mails coming from my onsite mx?

Amavisd detects "local" domains by the "@local_domains_maps" setting; you can try to list your sub-domain in it.

7

Re: Setup iRedMail as Mail gateway for a subdomain

This doesn't seem to do the trick. The only difference I see at a quick glance is
that amavis treats the message differently:
With @local_domains_maps = ([ ".$mydomain", ".ad.example.com" ]);

Passed CLEAN {RelayedOpenRelay}

With stock settings @local_domains_maps = 1;

Passed CLEAN {RelayedInbound}

It must be something in the SA config which is preventing the DKIM header from being added if the mail is not originating from localhost...

I will reply later with a full debug log diff, maybe that will help a bit.

8

Re: Setup iRedMail as Mail gateway for a subdomain

Try another way: Add the IP of ad.example.com in Amavisd "@mynetworks", then restart amavisd service.
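
The Amavisd setting suggested in this reply, written out as an added amavisd.conf sketch (not code from the thread or from iRedMail's shipped configuration): a client matching @mynetworks loads the MYNETS policy bank, and the originating flag on that bank is what makes Amavisd consider the message for DKIM signing. The address 192.0.2.10 and the key file paths are placeholders, the selector "dkim" is taken from the DNS test output in the first post, and Postfix is assumed to pass the client address to Amavisd via XFORWARD.

```perl
# amavisd.conf fragment (added example; address and paths are placeholders)

# Before (constructed for comparison): loopback only. Mail relayed from the
# onsite MTA is then classified as inbound, and inbound mail is never signed.
# @mynetworks = qw( 127.0.0.0/8 [::1] );

# After: also list the onsite MTA that relays for ad.example.com.
# 192.0.2.10 is a documentation-range placeholder, not a value from the thread.
@mynetworks = qw( 127.0.0.0/8 [::1] 192.0.2.10/32 );

# Amavisd loads the MYNETS policy bank when the SMTP client address
# (as forwarded by Postfix) matches @mynetworks. Signing is only attempted
# for mail flagged as originating.
$policy_bank{'MYNETS'} = {
    originating => 1,
};

$enable_dkim_signing = 1;

# dkim_key(domain, selector, private key file)
# One key per sender domain that should be signed. The signing key is chosen
# from the sender domain Amavisd sees, so both the subdomain and the parent
# domain are declared here. Paths are placeholders.
dkim_key('ad.example.com', 'dkim', '/path/to/ad.example.com.pem');
dkim_key('example.com',    'dkim', '/path/to/example.com.pem');

# Keep the trusted range as narrow as possible: every host listed in
# @mynetworks gets its mail signed with these keys.
```

After restarting amavisd, `amavisd showkeys` lists the keys it loaded and `amavisd testkeys` compares them with the published DNS records.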

9 (edited by mg29 2017-04-15 22:25:34)

Re: Setup iRedMail as Mail gateway for a subdomain

There is no A record for ad.example.com. However, the IP of the onsite MTA is added to mynetworks of course.

EDIT: Sorry, just realized, you said amavis, not postfix ;) Will try this asap