1

I know the way to disable all local delivery is to remove the domain from "mydestination", which will cause all mail to be relayed through whatever relay I set up. But I want postfix to accept all mail from GApps for local delivery to dovecot, but relay all locally generated mail back to GApps.

Ex: I have webmail running on the server, using the local postfix. user1@example.com sends an email to user2@example.com. If user2 exists locally, postfix delivers locally; if it doesn't exist, I could add a fallback relay which would send that mail to GApps. But I want postfix to always relay these mails back to GApps (which will send these mails downstream back to postfix for local delivery) regardless of local availability, so that I can have a kind of waterfall model.

I know there are a lot of related questions to this (none of them answer this specifically), but basically what I want is to have a kind of identical inboxes for the same users at both Gmail and the local dovecot. I have found a temporary fix by directly using GApps SMTP Relay instead of local for the webmail, but that doesn't solve anything for those connecting with IMAP (I would end up having to give each user access to GApps SMTP).

smallet
  • 2
    How about syncing both mailboxes with something like imapsync? – masegaloeh Feb 25 '15 at 09:53
  • Oh, there are many other ways to achieve my end result, like setting up another MTA (like exim) on any of the other ports (465, 587) for only outgoing use, or syncing both inboxes (but that would require storing a whole lot of passes in plaintext). Just wanted to know if there was a way with just changing the postfix config. – smallet Feb 25 '15 at 10:31
  • The alternative of `setting up another MTA (like exim) on any of the other ports (465, 587) for only outgoing use`, is using [postfix multi instance](http://www.postfix.org/MULTI_INSTANCE_README.html) – masegaloeh Feb 25 '15 at 10:36
  • Ohh, didn't know postfix has that. Now to learn more about it (that README looks daunting!). But really though, is there no way to do this without a single main.cf/master.cf editing? Hmm, I would need to set up a new instance, use the same config as the ISPConfig one (for SMTP auth), and remove mydestination for it. – smallet Feb 25 '15 at 11:16
  • Yep, that should work for postfix. However, ISPConfig can overwrite your setup because it doesn't support postfix multi instance – masegaloeh Feb 25 '15 at 11:22
  • Hmm, ISPConfig only creates the postfix files once and "manages" stuff through the sql mostly (afaik!), don't know if it actually interfaces with postfix. Would have to try I guess. – smallet Feb 25 '15 at 11:25

1 Answer

2

Finally got my setup to work with the postfix multiple instances masegaloeh mentioned. I tried to use exim4, but `apt-get install exim4` automatically uninstalled postfix, without even a prompt! Anyways, here is how I got it to work:

```
# Adds some lines to main.cf enabling multiple instances
postmulti -e init

# Creates a new instance at the directory /etc/postfix-outgoing
postmulti -I postfix-outgoing -G mta -e create
```

For my use-case, I wanted port 25 and port 465 to be used for receiving incoming mail from Gmail, but needed postfix submission (runs on port 587) for outgoing MTA use. So I commented it like this in `/etc/postfix/master.cf`:

```
#submission inet n       -       -       -       -       smtpd
```

and commented smtp and smtps but added submission in `/etc/postfix-outgoing/master.cf`, to get something like this:

```
submission inet n       -       -       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_reject_unlisted_recipient=no
```

I copied the default ISPConfig's main.cf from `/etc/postfix` and made a lot of modifications to my `/etc/postfix-outgoing/main.cf`, but the main ones are:

  1. Changed the myhostname to differ from the main instance (otherwise postfix confuses them).
  2. Removed all dovecot specific configs.
  3. Change data directory.
  4. Make sure postfix doesn't try local delivery. (through mydestination, virtual_domains, etc).
  5. Enter your relayhost.
  6. Add a second listener to dovecot.conf `service auth` pointing to `/var/spool/postfix-outgoing/private/auth`, as a direct reference to the original path didn't work for me. Or you can try using Dovecot authentication via TCP.

Finally enable the instance:

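```
# Clear master_service_disable so the new instance's network services can start
postmulti -i postfix-outgoing -x postconf -e \
  "master_service_disable ="
# Enable the instance, then start it
postmulti -i postfix-outgoing -e enable
postmulti -i postfix-outgoing -p start
```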

Run `tail -f /var/log/mail.log` and see where things went wrong.

Reference: http://www.postfix.org/MULTI_INSTANCE_README.html

smallet
  • +1 for Great tutorial :). For dovecot issue, *perhaps* you can add second listener in `var/spool/postfix-outgoing/private/auth` socket (where `var/spool/postfix-outgoing` is another postfix spool directory for second instance) – masegaloeh Feb 27 '15 at 02:57
  • Thanks, this is my first answer on StackExchange! So just point out if there is anything wrong with the way I answered (I made this more of a tutorial rather than an answer). I will try that, maybe only one process can access that socket at once or something like that (new to linux!) – smallet Feb 27 '15 at 03:00
  • Don't worry. Your answer is OK. Anyway, what's the error that you're getting when *giving direct path /var/spool/postfix/private/auth to smtpd_sasl_path*? – masegaloeh Feb 27 '15 at 03:04
  • warning: SASL: Connect to /var/spool/postfix/private/auth failed: No such file or directory – smallet Feb 27 '15 at 03:07
  • 1
    Nice, adding the second listener fixed it. Used the relative `private/auth` path and it worked perfectly. No need of TCP auth I guess. Editing the answer. – smallet Feb 27 '15 at 03:23
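
Added example (not part of the answer, and not code from Postfix or ISPConfig): a shell check of an outgoing-instance main.cf against points 1-5 of the answer's list, run on a constructed sample file. The hostnames, the data directory, the Google relay address and reading the answer's "virtual_domains" as `virtual_mailbox_domains` are assumptions.

```shell
#!/bin/sh
# Constructed /etc/postfix-outgoing/main.cf for points 1-5 (values are assumptions).
sample_outgoing_cf() {
cat <<'EOF'
multi_instance_name = postfix-outgoing
myhostname = outgoing.example.com
queue_directory = /var/spool/postfix-outgoing
data_directory = /var/lib/postfix-outgoing
# Explicitly empty: without this line the default applies, which contains $myhostname
mydestination =
relayhost = [smtp-relay.gmail.com]:587
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
EOF
}

# cf_get FILE KEY: print KEY's value (last assignment wins); status 1 if absent.
cf_get() {
  awk -v k="$2" '
    /^[ \t#]/ || !/=/ { next }
    { key = $0; sub(/[ \t]*=.*/, "", key) }
    key == k { val = $0; sub(/^[^=]*=[ \t]*/, "", val); sub(/[ \t]+$/, "", val); found = 1 }
    END { if (found) print val; exit !found }' "$1"
}

# audit_outgoing FILE MAIN_HOSTNAME: print FAIL lines, return the problem count.
audit_outgoing() {
  cf=$1; main=$2; n=0
  fail() { echo "FAIL: $1"; n=$((n + 1)); }
  v=$(cf_get "$cf" myhostname) && [ "$v" != "$main" ] || fail "myhostname unset or same as main instance"
  v=$(cf_get "$cf" mydestination) && [ -z "$v" ] || fail "mydestination must be present and empty"
  [ -z "$(cf_get "$cf" virtual_mailbox_domains)" ] || fail "virtual_mailbox_domains still set"
  v=$(cf_get "$cf" relayhost) && [ -n "$v" ] || fail "relayhost not set"
  for d in queue_directory data_directory; do
    case "$(cf_get "$cf" "$d")" in
      */postfix-outgoing) ;;
      *) fail "$d is not a postfix-outgoing directory" ;;
    esac
  done
  case "$(cf_get "$cf" smtpd_sasl_path)" in
    /*|"") fail "smtpd_sasl_path unset or absolute (the answer uses private/auth)" ;;
  esac
  return "$n"
}

# Demo: mail.example.com stands in for the main instance's myhostname.
tmp=$(mktemp); sample_outgoing_cf > "$tmp"
audit_outgoing "$tmp" mail.example.com && echo "outgoing instance OK"
rm -f "$tmp"
```

On a real host, pass `/etc/postfix-outgoing/main.cf` and the main instance's `myhostname` instead of the sample values.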