Thread: Could use some advice: Re: Relay setup

  1. #1
    Join Date
    Feb 2006
    Location
    Southern California
    Posts
    49
    Rep Power
    9

    Default Could use some advice: Re: Relay setup

    Greetings,

    I'm a network edition customer, and have a theoretical question regarding email server setups. I'm looking for some knowledge as to the best way to set things up in this scenario. Hoping someone on the forums can help me or at least get me headed in the right direction.

    I have two servers set up as such (names and IPs changed to protect the innocent).

    Both have public IP addresses. No NAT needed or in the mix. I have complete control of the DNS for these servers.

    mail2.foo.com and public IP 1.2.3.4 (production email)
    mail.foo.com and public 4.5.6.7 (relay server)

    mail.foo.com is being used to relay mail for a select set of our customer base to the outside world. We require authorization, and set up a unique user for them to use for relay. In the "outgoing server" settings in their email clients (outlook, IE, tbird, etc), they enter "mail.foo.com" and also enter the auth settings. All works just fine.

    mail2.foo.com is the production server for our organization, and handles all mail (pop, imap, smtp on port 587 with auth). All works just fine.


    The problem is this: If a relay customer - whose outgoing server settings are set to mail.foo.com - sends an email to my domain email address - mailuser@foo.com for example - the message is bounced back to the sender.

    This is because the mailuser@foo.com user account does not exist on the relay server, so it is bounced back to the sender. The mail user account exists on mail2.foo.com.

    Are there any suggestions out there that would help me solve this dilemma?

    One that comes to mind.

    I could relay from my production server, but I don't want to take up the user seats for relay customers.

    To solve this, I could open relay for the customer's unique IP addresses, thus not needing auth, but we would like to have auth in place due to spamming concerns.

    Perhaps I could forward all messages received to the relay server with auth on to the production server using the Relay MTA for external delivery? Thoughts.

    Thank you in advance for any enlightenment.

    -Dave
    - dmrdave

  2. #2
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    25

    Default

    What MTA are you using on your relay server? If you are using Postfix you could either 1) perform a direct LDAP lookup on your Production server for the recipient and then relay the email to your Production server 2) Extract the list of users from your Production server using zmprov and then generate a transport file or 3) anything destined for the domain handled by your Production server relay it through.

    If you're using Exim, have a read of Exporting all addresses - Zimbra :: Wiki.
    Last edited by uxbod; 07-18-2008 at 01:54 AM.
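
Added example, not part of the post above and not Zimbra's or Postfix's own tooling: a sketch of option 2, turning an exported account list into a Postfix transport map plus a matching relay-recipient map, so the relay rejects unknown foo.com recipients during the SMTP session instead of accepting and bouncing them later. The function name, port 25, the use of `zmprov -l gaa` as the export source and the sample addresses are assumptions.

```python
import re

# Assumed names (not from the thread's posts): next-hop port 25, the map
# usage named in the comments, and the constructed sample account list.
ADDR_RE = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")


def build_maps(account_lines, domain, nexthop_host, port=25):
    """Return (transport_text, relay_recipients_text) for one hosted domain.

    account_lines: one address per line, e.g. saved output of
    `zmprov -l gaa` run on the production server.
    """
    domain = domain.lower()
    seen = set()
    for raw in account_lines:
        addr = raw.strip().lower()
        if not addr or addr.startswith("#"):
            continue
        # Skip anything that is not a plain address: a stray space or an
        # extra field would otherwise turn into a different map entry.
        if not ADDR_RE.match(addr):
            continue
        if addr.rsplit("@", 1)[1] != domain:
            continue  # only recipients of the domain hosted on production
        seen.add(addr)
    recipients = sorted(seen)
    # [host] in brackets makes Postfix skip the MX lookup, so mail for the
    # domain goes straight to production and cannot loop back via MX.
    nexthop = f"smtp:[{nexthop_host}]:{port}"
    transport = "".join(f"{a}\t{nexthop}\n" for a in recipients)
    relay_rcpts = "".join(f"{a}\tOK\n" for a in recipients)
    return transport, relay_rcpts


# Constructed sample input standing in for the exported account list.
SAMPLE = """\
mailuser@foo.com
MailUser@foo.com
sales@foo.com
someone@other.example
not an address
"""

if __name__ == "__main__":
    transport, rcpts = build_maps(SAMPLE.splitlines(), "foo.com", "mail2.foo.com")
    print("# transport (run postmap, reference from transport_maps)\n" + transport)
    print("# relay_recipients (run postmap, reference from relay_recipient_maps)\n" + rcpts)
```

On the relay, foo.com also has to be listed in `relay_domains` for these maps to take effect, and both maps need regenerating whenever accounts are added or removed on the production server.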

  3. #3
    Join Date
    Feb 2006
    Location
    Southern California
    Posts
    49
    Rep Power
    9

    Default

    Hey, thanks for the response. I really appreciate the ideas and will investigate. FYI, my production box is NE 5.0.8 (ubuntu 6.06) and my relay server is FOSS 4.5.9 (SUSE 9), but I plan to upgrade it to FOSS 5.0.8 (Ubuntu) and use it for relay services. Hence my post looking for suggestions. Thank you again.
    - dmrdave

  4. #4
    Join Date
    Nov 2007
    Location
    Knoxville, TN
    Posts
    35
    Rep Power
    8

    Default

    What would happen if mail2.foo.com used mail.foo.com as an outbound MTA? Then mail to foo.com would be captured and mail not to foo.com would be sent on its merry way. Wouldn't it?

    I use Postini as an inbound and outbound MTA on my single server and it works great.

    In the WebAdmin interface choose Servers>mail2.foo.com>MTA. Look for "Relay MTA for external delivery" and point that to mail.foo.com. Choose Servers>mail.foo.com>MTA. Look for "MTA Trusted Networks". Put the IP of mail2.foo.bar in it, along with the other IPs that should also be there.

    If my thinking is correct then your mail should flow. It's not quite the same as what I've done, so your mileage may vary. Good luck.
