Single domain with multiple postfix servers
Andrew Nady
Is it possible to provide email service with postfix for a single domain that spans on multiple mailservers?
At location A I have 300 users and at location B 400 users. (Total 700 users)
These locations are geographically in different countries.
The users are AD based and each location has a postfix mail-gateway that performs an ldap query.
How could I deliver email or probe location A or B for existence of user...@domain.com?
Thanks,
--
Andrew Nady
Victor Duchovni
> Is it possible to provide email service with postfix for a single
> domain that spans on multiple mailservers?
Yes. If you choose a single Internet-facing domain for geographically
diverse organization, you must arrange for internal forwarding of email
to the right destination. A user's public email address is then different
from the internal mailbox address, and your internal mail systems forward
mail as necessary from one internal cluster of mail servers to another,
possibly on a different continent.
> At location A I have 300 users and at location B 400 users. (Total
> 700 users) > These locations are geographically in different countries.
> The users are AD based and each location has a postfix mail-gateway that performs an ldap query.
> How could I deliver email or probe location A or B for existence
> of user...@domain.com?
You implement the external domain as a virtual alias domain, and rewrite
recipient addresses to underlying mailbox domains that are only known
internally.
us...@example.com us...@A.example.com
us...@example.com us...@B.example.com
The mail servers at sites "A" and "B" must recognize both "us...@example.com"
and "us...@A.example.com" as being address of the same user. Each site
delivers its own users locally, but forwards mail to the remote site
(perhaps via secure-channel TLS, or a VPN, ...) when the recipient's mailbox
domain is remote.
Mail user agents, directory services, ... are configured to only work
with "example.com" and are unaware of what the mail servers are doing
behind the scenes.
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:majo...@postfix.org?body=unsubscribe%20postfix-users>
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
Andrew Nady
The mailgateways (postfix ldap) on both sides do OU based verification against MS AD,
so the serveron Canada side will query the ou=Canada,dc=domain,dc=local
and the server on the US side will query to ou=States,dc=domain,dc=local
These two server work well on each side.
I was thinking that if there could be one server that sits in a colo location that in some ways
could test for existence of an email account on gw-canada.domain.com and also gw-states.domain.com
--
Andrew Nady.
Primary Support Systems Canada Inc.
820 Flint road, North York, ON M3J 2J5
p: 416-736-4888
f: 416-736-4890
Victor Duchovni
> Thanks for the info, let me give you a more detailed scenario.
>
> The mailgateways (postfix ldap) on both sides do OU based verification against MS AD,
> so the serveron Canada side will query the ou=Canada,dc=domain,dc=local
> and the server on the US side will query to ou=States,dc=domain,dc=local
> These two server work well on each side.
> I was thinking that if there could be one server that sits in a colo location that in some ways
> could test for existence of an email account on gw-canada.domain.com and also gw-states.domain.com
http://www.postfix.org/VIRTUAL_README.html
http://www.postfix.org/ADDRESS_REWRITING_README.html
http://www.postfix.org/LDAP_README.html
http://www.postfix.org/ldap_table.5.html
http://www.postfix.org/transport.5.html