2

I have a pair of mail servers that are comprised mainly of Postfix, Procmail and Cyrus-IMAP and they both work fine. The IMAP servers are configured in a simple master/replica pair. All 'normal' mail is accepted by the master's Postfix which processes it through Procmail for delivery to the Cyrus-IMAP running on the same server. Both servers are capable of running like this but only the master actually receives external email.

At present, local accounts on either box send mail (for example, generated by cron jobs) through its local Postfix which is delivered locally to the Cyrus-IMAP on the same box.

However, Cyrus's replication doesn't like changes happening directly on the replica, so I would prefer the replica to deliver its local mail to the master.

I see two ways of achieving this:

  • change the replica's local transport to deliver mail to Postfix on the master server

or

  • change the replica's procmail to deliver mail to Cyrus-IMAP on the master server.

There is a third way which is for the replica server to relay everything to the master server (i.e. both internal and external emails) but that seems somewhat unnecessary. I don't need to change how external mail is handled - it's ok for either box to send external email via its local Postfix which then relays it externally.

What I really would like to do is just change how internal emails are processed on the replica so that it delivers them to the master, either into Postfix or into the IMAP server there.

Existing, working, configuration of my local transport in postfix's master.cf:

procmail-local  unix  -       n       n       -       -       pipe
    flags=OR user=cyrus argv=/usr/bin/procmail -t -m RECIPIENT=${mailbox}
    SENDER=${sender} EXTENSION=${extension} /etc/procmailrc

Existing, working, configuration of delivery to Cyrus in procmailrc:

DELIVERMAIL="/usr/lib/cyrus/bin/deliver -r $SENDER -a $RECIPIENT $RECIPIENT"
starfry

3 Answers

7

I'd do it earlier still - by removing your domain name from mydestination, mail for that domain should be delivered to the server listed as MX for your domain. If you want to specify a server, as opposed to using the MX, you should use the file /path/to/postfix/etc/transport for this. That file should then look like this:

# all mails to our own domain should go to our main incoming server
ourdomain.com    smtp:[mainserver.ourdomain.com]

Please note that the [] marks are important - without them, your server will still look up the MX record for mainserver.ourdomain.com.

After editing the file, use the command postmap /path/to/postfix/etc/transport

You also need to make sure that postfix knows to use that file, by editing /path/to/postfix/etc/main.cf with the following line:

transport_maps = hash:/path/to/postfix/etc/transport

if your system uses db files. If instead it uses dbm files, the line should be

transport_maps = dbm:/path/to/postfix/etc/transport
Jenny D
  • My domain's MX is actually at an external service provider and my master uses fetchmail to grab mails from there. While I can see the sense in this, it wouldn't work in my case (even if I wanted to relay the mail externally, I am unable to set up MX records for a subdomain like myhost.mydomain.com). – starfry Mar 21 '13 at 19:49
  • OK, I'll amend my answer to match that. – Jenny D Mar 22 '13 at 07:57
  • When I put `.mydomain.co.uk smtp:[master.mydomain.co.uk]` in the transport file it does not work. When I put `.mydomain.co.uk smtp:10.0.2.2` it works as expected. I needed the leading period because the sending server is a subdomain. I have `master.mydomain.co.uk` defined and I can ping it so I know it resolves. I have not forgotten postmap and I have also restarted postfix, just in case. Any ideas why it's failing to map using the name? – starfry Mar 22 '13 at 09:06
  • Do your logs give any hint? – Jenny D Mar 22 '13 at 09:33
  • Well I did check my logs and I have been investigating what I found in there (*Host or domain name not found. Name service error for name=master.mydomain.co.uk type=AAAA: Host not found*). First, I wondered why it was trying ipv6 lookups so I added `inet_protocols = ipv4` to main.cf but all that did was change the error message from AAAA to A. I then tried something else and it now works: I added a record for master.mydomain.co.uk to an internal DNS server. So this begs the question of why the `/etc/hosts` lookup does not work but we're probably going beyond the scope of my original question! – starfry Mar 22 '13 at 10:05
  • 2
    I have gotten to the bottom of the name resolution issue. How Postfix resolves smtp hostnames is defined by the main.cf `smtp_host_lookup` and this defaults to using dns only. By explicitly configuring this as `smtp_host_lookup = dns,native`, Postfix will use native mechanisms (as defined by `/etc/nsswitch.conf`, typically so that `/etc/hosts` is used). So - problem solved :) – starfry Mar 22 '13 at 10:39
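
A lint for the transport entries discussed in this answer and its comments, as an added example that is not part of the original thread: it flags nexthops written without `[]` (a name is then subject to MX lookup) and bracketed host names that will be resolved through DNS only because `smtp_host_lookup` lacks `native`. The sample files are constructed, the function names are hypothetical, and it assumes one table entry per line.

```python
import ipaddress
import re

# Constructed sample files; host names and addresses reuse the thread's examples.
TRANSPORT = """\
# all mails to our own domain should go to our main incoming server
ourdomain.com      smtp:mainserver.ourdomain.com
.mydomain.co.uk    smtp:[master.mydomain.co.uk]
domain.com         smtp:[10.0.2.2]:25
"""
MAIN_CF = "transport_maps = hash:/etc/postfix/transport\n"

# A nexthop is either [host] or host, optionally followed by :port.
NEXTHOP = re.compile(r"^(?:\[(?P<br>[^\]]+)\]|(?P<bare>[^:\[\]]+))(?::\w+)?$")

def is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def host_lookup(main_cf):
    """smtp_host_lookup methods; the thread reports the default is DNS only."""
    m = re.search(r"^smtp_host_lookup\s*=\s*(.+)$", main_cf, re.M)
    return re.split(r"[,\s]+", m.group(1).strip()) if m else ["dns"]

def lint_transport(transport, main_cf):
    """Return (line number, pattern, finding) for each smtp nexthop worth a look."""
    findings = []
    native = "native" in host_lookup(main_cf)
    for n, line in enumerate(transport.splitlines(), 1):
        fields = line.split(None, 1)
        if len(fields) != 2 or fields[0].startswith("#"):
            continue  # blank line, comment, or malformed entry
        pattern, result = fields
        name, _, nexthop = result.strip().partition(":")
        m = NEXTHOP.match(nexthop)
        if name != "smtp" or not m:
            continue
        if m["bare"]:
            # No brackets: a name gets an MX lookup; the answers bracket addresses too.
            kind = "unbracketed-address" if is_ip(m["bare"]) else "mx-lookup"
            findings.append((n, pattern, kind))
        elif not is_ip(m["br"]) and not native:
            # Bracketed name with DNS-only lookup: /etc/hosts is not consulted.
            findings.append((n, pattern, "dns-only"))
    return findings

if __name__ == "__main__":
    for finding in lint_transport(TRANSPORT, MAIN_CF):
        print(*finding)
```
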
0

You could try using transport_maps. On the replica, put this in main.cf:

transport_maps = hash:/etc/postfix/transport

then in /etc/postfix/transport you put

localdomain smtp:yourmasterserver

don't forget to:

postmap /etc/postfix/transport

and restart postfix

Emil C
  • I had been playing with transport maps before posting the question but without success. Seeing your suggestion, I tried what you described but it didn't work for me. I have pasted my main.cf at http://pastebin.com/UP5pJWsK. I created the transport file using the IP address of the master server (as in `localdomain smtp:10.0.2.2`). I did `postmap` and `postfix reload`. (I also tried a stop/start cycle.) – starfry Mar 21 '13 at 19:46
  • Well, I've been playing around a little more and I have got it to work by placing `.mymaildomain.co.uk smtp:10.0.2.2` in the transport file (I added the leading dot so it maps subdomains, and used the actual domain name rather than `localdomain`). – starfry Mar 21 '13 at 20:10
0

The setup is:

$ grep domain.com /etc/postfix/*
/etc/postfix/main.cf:relay_domains = domain.com
/etc/postfix/relay_recipients:"@domain.com OK"
Binary file /etc/postfix/relay_recipients.db matches
/etc/postfix/transport:domain.com  smtp:[ip.address.of.the.mail.server]
Binary file /etc/postfix/transport.db matches

Also don't forget:

$ postmap /etc/postfix/transport
$ postmap  /etc/postfix/relay_recipients
$ /etc/init.d/postfix restart

(CentOS,RedHat)

slm
Todor
  • Are you sure that `relay_domain = domain.com` is safe? On my end I use `mynetwork = IP, IP, IP...` which seems way more secure (although you have to make sure you keep your IPs up to date, of course.) – Alexis Wilke Feb 04 '18 at 03:38