external postfix forwarding to zimbra server

Question

I want to migrate from my current mail server (old_server) for my domain mydomain.com. old_server setup is Postfix+LDAP+Cyrus.

Now I want to migrate my domain mail to Zimbra server (zimbra), but I am considering option to leave current mail server working in the first phase, and then to only have subset of email addresses to be forwarded to zimbra server. It seems that zimbra refers this in their documentation as 'edge MTA'.

Current config

 mydomain.com 
             MX: old_server
<---------- smtp send
----------> smtp receive

New config

 mydomain.com 
             MX: old_server                      zimbra
<------------------------------------------- smtp send
----------> smtp receive ---- forward ---->  smtp receive

I need following:

old_server to receive mail for my domain as before, but for some of the email addresses I want them to be delivered to zimbra server. I should be able to determine which email addresses will be forwarded.
I would like to avoid possible false spam detections for mails from mydomain.com due to this setup.

Questions:

How should I configure postfix on old_server to support this mail forwarding?
To avoid false spam detection, can I have outgoing mail from mydomain.com to be sent by zimbra or should I use old_server?
Is there anything extra I would need to do in order to avoid possibility of my outgoing mails being marked as spam on other servers?

Additional info with some obfuscation (postconf -n):

alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
debug_peer_level = 10
html_directory = /usr/share/doc/postfix-2.4.5-documentation/html
local_recipient_maps = ldap:/etc/postfix/ldapvirtual.cf hash:/etc/postfix/virtual_alias
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
message_size_limit = 16777216
mydestination = $mydomain, mail.$mydomain, 
mydomain = mydomain.com
myhostname = mail.mydomain.com
mynetworks = 127.0.0.0/8 212.XX.XXX.XX/28
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.4.5-documentation/readme
recipient_delimiter = +
sample_directory = /etc/postfix
sender_canonical_maps = ldap:/etc/postfix/ldapalias.cf
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_banner = $myhostname ESMTP
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_sender_login_maps = ldap:ldapvirtual
smtpd_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
smtpd_tls_cert_file = /etc/pki/tls/certs/mailserver.pem
smtpd_tls_key_file = /etc/pki/tls/certs/mailserver.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
virtual_alias_maps = ldap:/etc/postfix/ldapvirtual.cf hash:/etc/postfix/virtual_alias

cstamas · Accepted Answer · 2011-11-13T19:06:26.907

2

You can setup a transport lookup table to override the nexthop on mail delivery.

In /etc/postfix/main.cf

transport_maps =
       hash:/etc/postfix/mytransport_override

In /etc/postfix/mytransport_override you write

migrated_address1@yourdomain smtp:zimbra.yourserver
migrated_address2@yourdomain smtp:zimbra.yourserver
another__migrated@yourdomain smtp:[zimbra.yourserver]

Then postmap hash:/etc/postfix/mytransport_override

I see no issues with spam or being your mail messages treated as spam (as long as your dns entries like PTR records, A records, MX records are okay).

EDIT

Good point in the comments: if you want to avoid MX records lookup add brackets around the hostname. Example is in the last line. Generally it is a good practice to use brackets to avoid surprises.

edited Nov 13 '11 at 19:06

answered Nov 13 '11 at 14:55

cstamas

6,607
24
42

1

It is worth noting that postfix will first attempt to deliver mail to the MX of zimbra.yourserver in this example. (Depending on your setup this may be a non-issue.) Use `address@domain smtp:[zimbra.yourserver]` to explicitly short to the A record. – 84104 Nov 13 '11 at 18:48
I tried the setup, and it works, but only if I completely remove migrated address from LDAP lookup table. I cannot do that since I am using LDAP to authorize users and the mail addresses are stored there. Is there a way to tell postfix that it searches in transport maps first? I am assuming that the postfix stops lookup search on first match... – Marko Nov 13 '11 at 22:27
@Marko can you include your config with 'postconf -n' ? – cstamas Nov 13 '11 at 22:42
I take another look, but I do not get it. What do you mean it only works if you remove the address from the LDAP what happens if you do not? – cstamas Nov 15 '11 at 23:54
I don't know postfix in details so perhaps I am explaining this wrong way. I am using LDAP lookup in _local_recipient_maps_ and _virtual_alias_maps_ . It seems that, when a message is received, postfix will find recipient in some of other maps first, and then it will completly ignore transport_maps. Is this possible? – Marko Nov 20 '11 at 13:41

external postfix forwarding to zimbra server

1 Answers1