Postfix multiserver setup

From Zarafa wiki

Jump to: navigation, search

Introduction

This article describes how you can set up a distributed Postfix environment. When using the Zarafa Enterprise over multiple locations, this how-to can be relevant. Because the Zarafa multiserver version can only be used with a LDAP or Active Directory user backend, we use Postfix also with the LDAP backend.

This article is only relevant when using Zarafa multiserver over multiple remote locations. When using Zarafa multiserver on one location, it's better to use a single MTA and deliver email by the Zarafa-dagent directly to both servers.

Postfix.jpg

Fig 1. Overview distributed Postfix setup

All 4 mailservers run in this setup both Postfix and Zarafa. External incoming emails are delivered to the main MTA (Mail1). Based on the home server of a user the email is delivered to the Zarafa-dagent on the specific server. For the delivery to the Zarafa-dagent the LMTP protocol is used.

When a user on server Mail2 sends an email to an internal user on server Mail3, the Postfix MTA on server Mail2 will connect via LMTP protocol to server Mail3. All emails sends to external email domains are relayed via the main MTA (mail1).

Setup

Postfix can be set up with a transport map to lookup for the home server of a specific user. The result of that lookup will be used as the server to connect to for delivering the message.

Provided you have set up the general LDAP/ADS integration for both Zarafa and Postfix, please add the following lines to your /etc/postfix/main.cf to delivery email based on zarafaUserServer address:

 relayhost = mail1
 #
 transport_maps = ldap:transport
 #
 transport_server_host = ip-address-ldap-server
 transport_bind_dn = cn=Administrator,dc=zarafa,dc=local
 transport_bind_pw = secret
 transport_timeout = 5
 transport_search_base = ou=Users,dc=zarafa,dc=local
 transport_query_filter = (mail=%s)
 transport_result_attribute = zarafaUserServer
 transport_result_filter = lmtp:%s:2003
 transport_lookup_wildcards = no

Normally the Zarafa-dagent LMTP service is only available on localhost. To connect to the LMTP service on a remote server, please change the following line in the /etc/zarafa/dagent.cfg.

 server_bind = 0.0.0.0

This will make the LMTP listen on all interfaces. Make sure that your firewall is set up accordingly and it doesn't block port 2003 for the machines needed to connect to it.

This article doesn't describe how to set up Postfix mail domains and aliases for LDAP/ADS. For these configurations have a look at the other Postfix integration wiki articles.

Personal tools