1 Topic by orphans

  • orphans
  • Member
  • Offline
  • Registered: 2011-03-04
  • Posts: 39

Topic: iRedMail backup mx

==== Required information ====
- iRedMail version: latest
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Linux/BSD distribution name and version:
- Related log if you're reporting an issue:
====

Hi, me yet again.

We're looking to set up a backup MX for our new iRedMail/iRedAdmin-Pro setup. However we DON'T want the standard setup advised here in other posts. (That being, you manually flag each domain to be a backup MX on the backup MX server).

We are running openldap with syncrepl to make sure all new domains are also synced across to the backup server, this means we can't really make amends to the local LDAP database on the backup MX server. We'd prefer to have this server accept and forward mail for all valid/enabled domains in LDAP.

I've been fiddling around with /etc/postfix/ldap/relay_domains.cf and /etc/postfix/main.cf, but I can't seem to get postfix to relay all mail for all domains without either attempting to deliver it locally, or the whole server acting as an open relay.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: iRedMail backup mx

How about this:

- Modify ldap filter in /etc/postfix/ldap/virtual_mailbox_domains.cf to make it always return empty (no hosting virtual domains).
- Modify ldap filter in /etc/postfix/ldap/relay_domains.cf to make it always return valid virtual domains as relay domains.

3 Reply by orphans

  • orphans
  • Member
  • Offline
  • Registered: 2011-03-04
  • Posts: 39

Re: iRedMail backup mx

Thanks this was my initial idea, I'll give it another try. Just wanted to make sure I was thinking along the right lines.

4 Reply by orphans

  • orphans
  • Member
  • Offline
  • Registered: 2011-03-04
  • Posts: 39

Re: iRedMail backup mx

Thanks I've got it working.

For those wondering the exact process (I'm sure there may be better ways!)

Comment out the following line in /etc/postfix/main.cf. 

#content_filter = smtp-amavis:[127.0.0.1]:10024

We don't need to do any virus scanning or spam checking on the relay server.



Modify /etc/postfix/ldap/virtual_mailbox_domains.cf and replace the following:

# comment out this line below
# query_filter    = (&(objectClass=mailDomain)(|(domainName=%s)(&(enabledService=domainalias)(domainAliasName=%s)))(!(domainBackupMX=yes))(accountStatus=active)(enabledService=mail))

# add this line
query_filter    = (&(objectClass=mailDomain)(|(domainName=%s)(&(enabledService=domainalias2)(domainAliasName=%s)))(!(domainBackupMX=yes))(accountStatus=active)(enabledService=mail2))

It doesn't really matter what you use in query_filter as long as it returns nothing from the query.




Modify /etc/postfix/ldap/transport_maps_domain.cf like the following:

# comment out this line below
# query_filter    = (&(objectClass=mailDomain)(|(domainName=%s)(domainAliasName=%s))(accountStatus=active)(enabledService=mail))

# add this line
query_filter    = (&(objectClass=mailDomain)(|(domainName=%s)(domainAliasName=%s))(accountStatus=active)(enabledService=mail2))

It doesn't really matter what you use in query_filter as long as it returns nothing from the query.




Modify /etc/postfix/ldap/relay_domains.cf like the following:

# comment out this line below
# query_filter    = (&(objectClass=mailDomain)(|(domainName=%s)(&(enabledService=domainalias)(domainAliasName=%s)))(domainBackupMX=yes)(accountStatus=active)(enabledService=mail))

# add this line
query_filter    = (&(objectClass=mailDomain)(|(domainName=%s)(&(enabledService=domainalias)(domainAliasName=%s)))(accountStatus=active)(enabledService=mail))

5 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: iRedMail backup mx

Thanks for your sharing. smile