Postfix multiserver setup
From Zarafa wiki
== Introduction ==
Latest revision as of 09:11, 24 November 2010
This article describes how to set up a distributed Postfix environment. This how-to is relevant when running Zarafa Enterprise across multiple locations. Because the Zarafa multiserver version can only be used with an LDAP or Active Directory user backend, Postfix is also configured with the LDAP backend.
This article is only relevant when using Zarafa multiserver over multiple remote locations. When using Zarafa multiserver at one location, it's better to use a single MTA and have the Zarafa-dagent deliver email directly to both servers.
Fig 1. Overview distributed Postfix setup
In this setup, all 4 mail servers run both Postfix and Zarafa. External incoming emails are delivered to the main MTA (Mail1). Based on the home server of a user, the email is delivered to the Zarafa-dagent on that specific server. The LMTP protocol is used for delivery to the Zarafa-dagent.
When a user on server Mail2 sends an email to an internal user on server Mail3, the Postfix MTA on server Mail2 connects via the LMTP protocol to server Mail3. All emails sent to external email domains are relayed via the main MTA (mail1).
Postfix can be set up with a transport map to look up the home server of a specific user. The result of that lookup is used as the server to connect to for delivering the message.
Provided you have set up the general LDAP/ADS integration for both Zarafa and Postfix, add the following lines to your /etc/postfix/main.cf to deliver email based on the zarafaUserServer address:
relayhost = mail1
#
transport_maps = ldap:transport
#
transport_server_host = ip-address-ldap-server
transport_bind_dn = cn=Administrator,dc=zarafa,dc=local
transport_bind_pw = secret
transport_timeout = 5
transport_search_base = ou=Users,dc=zarafa,dc=local
transport_query_filter = (mail=%s)
transport_result_attribute = zarafaUserServer
transport_result_filter = lmtp:%s:2003
transport_lookup_wildcards = no
Normally the Zarafa-dagent LMTP service is only available on localhost. To connect to the LMTP service on a remote server, change the following line in /etc/zarafa/dagent.cfg:
server_bind = 0.0.0.0
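This makes the LMTP service listen on all interfaces. Make sure that your firewall is set up accordingly: it must not block port 2003 for the machines that need to connect to it, and because the service is now reachable on every interface, port 2003 should be open only to those machines.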
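The main.cf transport settings and the dagent.cfg change above can be checked with a small audit script. This is an added example, not code from the Zarafa wiki or from Postfix; the finding names and advice strings are assumptions of this example, and the sample inputs are constructed from the snippets on this page.

```python
# Added example: audit the settings from this page (not Zarafa/Postfix code).
SAMPLE_MAIN_CF = """\
relayhost = mail1
#
transport_maps = ldap:transport
transport_bind_dn = cn=Administrator,dc=zarafa,dc=local
transport_bind_pw = secret
transport_result_filter = lmtp:%s:2003
"""  # constructed from the snippet on this page
SAMPLE_DAGENT_CFG = "server_bind = 0.0.0.0\n"  # constructed

def parse_cf(text):
    """Parse 'name = value' files: '#' lines are comments, lines starting
    with whitespace continue the previous value (main.cf syntax)."""
    params, last = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and last:
            params[last] += " " + line.strip()
            continue
        name, sep, value = line.partition("=")
        if sep:
            last = name.strip()
            params[last] = value.strip()
    return params

def audit(main_cf, dagent_cfg):
    """Return (id, advice) findings for the multiserver transport setup."""
    main, dagent, findings = parse_cf(main_cf), parse_cf(dagent_cfg), []
    for token in main.get("transport_maps", "").replace(",", " ").split():
        # "ldap:NAME" without a path reads NAME_* parameters from main.cf itself.
        if not token.startswith("ldap:") or token[5:].startswith("/"):
            continue
        prefix = token[5:]
        if f"{prefix}_bind_pw" in main:
            findings.append(("bind-pw-in-main-cf",
                "move the LDAP map to its own file readable only by root and postfix"))
        if main.get(f"{prefix}_bind_dn", "").lower().startswith("cn=administrator"):
            findings.append(("admin-bind-dn",
                "bind with a dedicated read-only LDAP account"))
    if dagent.get("server_bind") in ("0.0.0.0", "::"):
        findings.append(("lmtp-all-interfaces",
            "restrict port 2003 at the firewall to the Postfix servers"))
    return findings

if __name__ == "__main__":
    for finding_id, advice in audit(SAMPLE_MAIN_CF, SAMPLE_DAGENT_CFG):
        print(f"{finding_id}: {advice}")
```

A `transport_maps` value that points at a file path (`ldap:/path/to/file.cf`) is not flagged, because the bind password then lives in a file whose permissions can be restricted separately from main.cf.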
This article doesn't describe how to set up Postfix mail domains and aliases for LDAP/ADS. For these configurations, have a look at the other Postfix integration wiki articles.