
Thread: [SOLVED] raj, Phoenix, Uxbod, and the rest. Help with Split Domain :)

  1. #1
    Join Date
    Jun 2009
    Posts
    195
    Rep Power
    6

    I have followed the split domain wiki, but it does not seem to have helped.
    I believe one of you might have an answer to my headache. I want to enjoy the wonders of Zimbra, but I am currently not seeing it happening. I want to migrate from my old server (secondary) to Zimbra (primary). It has not been like that for me. Below is the information that I have so far, along with my questions.

    This is my configuration for my primary MX:
    alias_maps = hash:/etc/aliases
    bounce_queue_lifetime = 5d
    broken_sasl_auth_clients = yes
    command_directory = /opt/zimbra/postfix/sbin
    config_directory = /opt/zimbra/postfix-2.6.2.2z/conf
    content_filter = smtp-amavis:[127.0.0.1]:10024
    daemon_directory = /opt/zimbra/postfix/libexec
    disable_dns_lookups = no
    header_checks =
    in_flow_delay = 1s
    lmtp_connection_cache_destinations =
    lmtp_connection_cache_time_limit = 4s
    lmtp_host_lookup = dns
    local_header_rewrite_clients = permit_mynetworks,permit_sasl_authenticated
    mail_owner = postfix
    mailbox_size_limit = 0
    mailq_path = /opt/zimbra/postfix/sbin/mailq
    manpage_directory = /opt/zimbra/postfix/man
    maximal_backoff_time = 4000s
    message_size_limit = 50000000
    minimal_backoff_time = 300s
    mydestination = localhost
    myhostname = zimbra.my.aacount.com
    mynetworks = 127.0.0.0/8 192.168.1.0/24
    newaliases_path = /opt/zimbra/postfix/sbin/newaliases
    propagate_unmatched_extensions = canonical
    queue_directory = /opt/zimbra/data/postfix/spool
    queue_run_delay = 300s
    recipient_delimiter =
    relayhost = my.aacount.com:25
    sender_canonical_maps = proxy:ldap:/opt/zimbra/conf/ldap-scm.cf
    sendmail_path = /opt/zimbra/postfix/sbin/sendmail
    setgid_group = postdrop
    smtp_sasl_mechanism_filter = plain,login
    smtp_sasl_security_options = noanonymous
    smtp_tls_security_level = may
    smtp_use_tls = yes
    smtpd_client_restrictions = reject_unauth_pipelining
    smtpd_data_restrictions = reject_unauth_pipelining
    smtpd_helo_required = yes
    smtpd_recipient_restrictions = reject_non_fqdn_recipient, permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination,
    reject_unlisted_recipient, reject_unknown_recipient_domain, reject_unverified_recipient, reject_rbl_client zen.spamhaus.org, reject_rbl_client
    bl.spamcop.net, reject_rbl_client dnsbl-1.uceprotect.net, reject_rbl_client ix.dnsbl.manitu.net, reject_rbl_client dyna.spamrats.com,
    reject_rbl_client noptr.spamrats.com, reject_rbl_client all.rbl.jp, reject_rbl_client safe.dnsbl.sorbs.net, reject_rbl_client
    b.barracudacentral.org, reject_rbl_client psb.surriel.com, reject_rbl_client dnsbl.ahbl.org, reject_rbl_client dnsbl.njabl.org,
    reject_rbl_client bhnc.njabl.org, reject_rbl_client dnsbl.dronebl.org, reject_rbl_client rabl.nuclearelephant.com, reject_rbl_client
    multi.uribl.com, reject_rbl_client 0spam.fusionzero.com, reject_rbl_client 0spam-killlist.fusionzero.com, permit
    smtpd_reject_unlisted_recipient = no
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_authenticated_header = no
    smtpd_tls_auth_only = yes
    smtpd_tls_cert_file = /opt/zimbra/conf/smtpd.crt
    smtpd_tls_key_file = /opt/zimbra/conf/smtpd.key
    smtpd_tls_loglevel = 1
    smtpd_tls_security_level = may
    transport_maps = proxy:ldap:/opt/zimbra/conf/ldap-transport.cf
    virtual_alias_domains = proxy:ldap:/opt/zimbra/conf/ldap-vad.cf
    virtual_alias_maps = proxy:ldap:/opt/zimbra/conf/ldap-vam.cf
    virtual_mailbox_domains = proxy:ldap:/opt/zimbra/conf/ldap-vmd.cf
    virtual_mailbox_maps = proxy:ldap:/opt/zimbra/conf/ldap-vmm.cf
    virtual_transport = error
    Also, this is my current configuration for the server that I want to make the secondary MX:
    body_checks = regexp:/usr/local/etc/postfix/body_checks
    bounce_queue_lifetime = 2d
    command_directory = /usr/local/sbin
    config_directory = /usr/local/etc/postfix
    daemon_directory = /usr/local/libexec/postfix
    debug_peer_level = 2
    header_checks = regexp:/usr/local/etc/postfix/header_checks
    home_mailbox = Maildir/
    html_directory = no
    mail_owner = postfix
    mailq_path = /usr/local/bin/mailq
    manpage_directory = /usr/local/man
    maximal_queue_lifetime = 2d
    message_size_limit = 15360000
    mydestination = $myhostname
    mydomain = account.com
    myhostname = my.account.com
    mynetworks = 192.168.1.0/24, 192.168.134.0/24
    myorigin = $myhostname
    newaliases_path = /usr/local/bin/newaliases
    queue_directory = /var/spool/postfix
    readme_directory = no
    sample_directory = /usr/local/etc/postfix
    sendmail_path = /usr/local/sbin/sendmail
    setgid_group = maildrop
    smtpd_data_restrictions = reject_unauth_pipelining
    smtpd_delay_reject = yes
    smtpd_helo_required = yes
    smtpd_helo_restrictions = permit_mynetworks, check_helo_access hash:/usr/local/etc/postfix/helo_access, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname
    smtpd_recipient_restrictions = permit_mynetworks, check_sender_access hash:/usr/local/etc/postfix/sender_access, check_recipient_access
    hash:/usr/local/etc/postfix/recipient_access, reject_unauth_destination, reject_non_fqdn_recipient, reject_unknown_recipient_domain,
    reject_unlisted_sender, reject_rbl_client bl.spamcop.net, reject_rbl_client cbl.abuseat.org, reject_rbl_client combined.njabl.org,
    reject_rbl_client l2.spews.dnsbl.sorbs.net, reject_rbl_client list.dsbl.org, reject_rbl_client sbl-xbl.spamhaus.org,
    check_policy_service inet:127.0.0.1:10023
    smtpd_sender_restrictions = permit_mynetworks, reject_non_fqdn_sender, reject_unknown_sender_domain
    unknown_local_recipient_reject_code = 550
    Now:
    What extra changes do I have to make to the last configuration to make it the secondary MX?

    How do I make it known to the secondary MX that some accounts now reside on the primary MX and that those accounts should receive emails from accounts on the secondary MX?

    How do I make sure all valid domain emails coming from the outside are accepted instead of being rejected when I make the MX record changes?

    Note*
    I want to be able to migrate users one at a time from accounts currently on my email server to the primary email server that I just created. The domain that will be the primary email server is zimbra.my.account.com and in it, I will have the my.account.com domain.

    Also, the domain for my current email server is my.account.com, which I am trying to make the secondary email server after configuring the MX records.

    Remember, I still want to be able to use my same domain name (my.account.com) in both servers.

    I did a relayhost on the primary MX zimbra.my.account.com that seems to be relaying some emails and rejecting most valid emails.

    When I try to send emails from an account on the primary server to accounts on the secondary server, it loops back to itself even though I did not tell the primary server that those accounts now reside on it. And the command for that will be:
    $ zmprov ma bar@my.account.com zimbraMailTransport lmtp:zimbra.my.account.com:7025
    The above command tells the primary MX that the bar account now receives emails on the primary MX.

    The command below adds that account to the primary MX zimbra.my.account.com but transports emails to my.account.com:
    $ zmprov ma bar@my.account.com zimbraMailTransport smtp:my.account.com:25

  2. #2
    Join Date
    Mar 2006
    Location
    Massachusetts
    Posts
    965
    Rep Power
    10

    Have you considered doing things the other way around: keeping your existing server as primary and making Zimbra the secondary? I only ask because this is the way I did my migration from an existing Postfix email server and it was pretty easy to set up.

  3. #3
    Join Date
    Jun 2009
    Posts
    195
    Rep Power
    6

    If I make Zimbra the secondary, will the users still use Zimbra as their default email? The features and functionality in Zimbra are more appealing than what I currently have. That will be good as well, but I am looking for Zimbra to be the server that users get their mail directly from instead of the current one.
    Any more suggestions will be accepted. Can you email me the steps that you used to make your current Postfix the primary and Zimbra the secondary? I am not sure what difference there will be if I do it the other way round. Or are you suggesting doing that, and then after all the accounts are migrated, I switch Zimbra to be the primary and Postfix the secondary?
    Thanks for your concern.
    Last edited by borngunners; 10-13-2009 at 10:48 AM.

  4. #4
    Join Date
    Mar 2006
    Location
    Massachusetts
    Posts
    965
    Rep Power
    10

    Quote:
    If I make Zimbra the secondary, will the users still use Zimbra as their default email? The features and functionality in Zimbra are more appealing than what I currently have. That will be good as well, but I am looking for Zimbra to be the server that users get their mail directly from instead of the current one.

    Yes, if you make Zimbra the secondary the users (as you migrate them) will have all the features and functionality of Zimbra. It is just that your current email server will still handle incoming messages first and then pass them off to the Zimbra server.

    Quote:
    Can you email me the steps that you used to make your current Postfix the primary and Zimbra the secondary?

    You need to follow the steps in the Split Domain wiki page to configure Zimbra as the secondary server. Just go right down the line and execute the given commands, replacing "@example.com" with your email domain and mail.example.com with the FQDN of your current email server.

    Then on your existing Postfix email server as you migrate users over to Zimbra add a line to the transport table that looks something like this:
    Code:
    jdoe@example.com   smtp:[zimbraserver.example.com]
    Be sure to rebuild the transport table using 'postmap transport' after you make any changes. Now email that hits your existing server for user jdoe@example.com, in this case, will be forwarded to your Zimbra server.

    Once you've migrated all your users over to the Zimbra server you will need to update the MX records in your DNS to point to the Zimbra server. You will also need to back out the 'zmprov' changes that you made based on the wiki page.

    HTH,
    John
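
    The per-user transport entries described in the post above can be checked before running postmap. This script is an added example, not from the thread or the Split Domain wiki: it flags entries for the shared domain whose next hop is not in [host] form (Postfix then does an MX lookup for that host), duplicate keys, and a whole-domain key that would reroute every user at once. The function names and the sample table are constructed for illustration; example.com and zimbraserver.example.com are the placeholders used in the post.

```shell
#!/bin/sh
# Lint a Postfix transport(5) table during a one-user-at-a-time migration.
# lint_transport FILE DOMAIN -> one finding per line, exit status 1 if any.
lint_transport() {
    awk -v domain="$2" '
    /^[ \t]*(#|$)/ { next }                      # comments and blank lines
    {
        key = tolower($1); hop = $2
        if (key in seen) { print "duplicate key: " key; bad = 1 }
        seen[key] = 1
        if (hop == "") { print "no next hop: " key; bad = 1; next }
        # A bare domain or .domain key reroutes every user at once.
        if (key == domain || key == "." domain) {
            print "whole-domain route: " key; bad = 1
        }
        # Per-user key in the shared domain: the next hop should be [host],
        # which tells Postfix to skip the MX lookup for that host.
        n = length(key) - length(domain)
        if (n > 1 && substr(key, n) == "@" domain) {
            nexthop = substr(hop, index(hop, ":") + 1)
            if (substr(nexthop, 1, 1) != "[" || index(nexthop, "]") == 0) {
                print "MX lookup not suppressed: " key " -> " hop; bad = 1
            }
        }
    }
    END { exit bad + 0 }
    ' "$1"
}

# Constructed sample table (not taken from the thread).
sample_transport() {
    cat <<'EOF'
# users already migrated to Zimbra
jdoe@example.com     smtp:[zimbraserver.example.com]
asmith@example.com   smtp:zimbraserver.example.com
bwong@example.com    smtp:[zimbraserver.example.com]:25
jdoe@example.com     smtp:[zimbraserver.example.com]
example.com          smtp:[zimbraserver.example.com]
EOF
}

tmp=$(mktemp) && sample_transport > "$tmp"
lint_transport "$tmp" example.com || true
rm -f "$tmp"
```

    On the sample table the script reports the unbracketed asmith entry, the repeated jdoe key, and the whole-domain example.com route.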

  5. #5
    Join Date
    Jun 2009
    Posts
    195
    Rep Power
    6

    I followed the instructions in the wiki for Zimbra as a secondary server. These are the commands and the output that I have:

    zimbra@zimbra:/root$ zmprov md my.account.com zimbraMailCatchAllAddress @my.account.com
    zimbra@zimbra:/root$ zmprov md my.account.com zimbraMailCatchAllForwardingAddress @my.account.com
    zimbra@zimbra:/root$ zmprov md my.account.com zimbraMailTransport smtp:my.account.com
    zimbra@zimbra:/root$ zmprov mcf zimbraMtaRelayHost my.account.com
    zimbra@zimbra:/root$ zmprov mcf zimbraMtaDnsLookupsEnabled FALSE
    zimbra@zimbra:/root$ clear
    zimbra@zimbra:/root$ postfix stop
    postfix/postfix-script: stopping the Postfix mail system
    zimbra@zimbra:/root$ postfix start
    postfix/postfix-script: warning: not owned by root: /opt/zimbra/data/postfix/spool
    postfix/postfix-script: warning: not owned by root: /opt/zimbra/postfix-2.6.2.2z/conf/main.cf
    postfix/postfix-script: warning: not owned by root: /opt/zimbra/postfix-2.6.2.2z/conf/master.cf
    postfix/postfix-script: warning: not owned by root: /opt/zimbra/postfix-2.6.2.2z/conf/master.cf.in
    postfix/postfix-script: warning: not owned by postfix: /opt/zimbra/data/postfix/./spool/pid/unix.smtp
    postfix/postfix-script: warning: not owned by postfix: /opt/zimbra/data/postfix/./spool/pid/inet.127.0.0.1:10025
    postfix/postfix-script: warning: not owned by postfix: /opt/zimbra/data/postfix/./spool/pid/unix.smtp-amavis
    postfix/postfix-script: warning: not owned by postfix: /opt/zimbra/data/postfix/./spool/pid/unix.showq
    postfix/postfix-script: warning: not owned by postfix: /opt/zimbra/data/postfix/./spool/pid/unix.cleanup
    postfix/postfix-script: warning: not owned by postfix: /opt/zimbra/data/postfix/./spool/pid/unix.bounce
    postfix/postfix-script: warning: not owned by postfix: /opt/zimbra/data/postfix/./spool/pid/master.pid
    postfix/postfix-script: warning: not owned by postfix: /opt/zimbra/data/postfix/./spool/pid/unix.error
    postfix/postfix-script: warning: not owned by postfix: /opt/zimbra/data/postfix/./spool/pid/unix.lmtp
    postfix/postfix-script: warning: not owned by postfix: /opt/zimbra/data/postfix/./spool/pid/inet.smtp
    postfix/postfix-script: starting the Postfix mail system
    zimbra@zimbra:/root$
    Also, you stated that I should enter the following command in the transport table:
    jdoe@example.com smtp:[zimbraserver.example.com]
    and also do the following postmap command:
    transport_maps = hash:/usr/local/etc/postfix/transport
    after removing the "#" sign from the front of it in main.cf, is that right?

    Quote:
    Once you've migrated all your users over to the Zimbra server you will need to update the MX records in your DNS to point to the Zimbra server. You will also need to back out the 'zmprov' changes that you made based on the wiki page.

    What command do you use to back out all the zmprov commands that I used to set up Zimbra as a secondary mail server?
    Last edited by borngunners; 10-13-2009 at 12:11 PM.

  6. #6
    Join Date
    Mar 2006
    Location
    Massachusetts
    Posts
    965
    Rep Power
    10

    The transport table stuff is to be done on your existing (primary) email server. Yes, you would need to remove the "#" in the main.cf file in front of the transport_table line. Just make sure that when you create/edit the transport file you are working in the same location specified in main.cf (in your case /usr/local/etc/postfix/transport).

    Just to be clear, when you set up your Zimbra server you set the email domain to match your existing email server, right? You may have changed things in the info you posted so that you weren't posting your real info, but your 'zmprov' commands look a little off to me. According to your original post your email domain is 'account.com'. In this case (example) your first 'zmprov' command should be:
    Code:
    zmprov md account.com zimbraMailCatchAllAddress @account.com

  7. #7
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Remember main.cf will be over-written on each ZCS restart; so you have to make any changes via zmlocalconfig and zmprov for them to be persistent.

  8. #8
    Join Date
    Mar 2006
    Location
    Massachusetts
    Posts
    965
    Rep Power
    10

    Quote:
    Remember main.cf will be over-written on each ZCS restart; so you have to make any changes via zmlocalconfig and zmprov for them to be persistent.

    In this case the only changes to main.cf should be made on the existing, primary (non-Zimbra) server.

  9. #9
    Join Date
    Jun 2009
    Posts
    195
    Rep Power
    6

    Soxfan:
    You are right. My original domain is the same as the one created on the Zimbra server. It should actually be my.account.com instead of account.com.
    account.com is where my DNS is being configured.
    Now, if I do a catchall, wouldn't I invite spam, or will specifying the @domain make it clear that only emails coming to the @domain will be accepted and the rest will become spam, right?

  10. #10
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    catchall = big spam bucket (unless you are harvesting them)
