Topic: Forward mail for unknown user to internet

[glabiche]

Hi,
Being new to mail server on linux, i have found SME the easiest one to install. Has been able to configure it quiet rapidly but i have one main problem before implementing in in my company.
I have set it up as server only and to relay all outgoing mail to my ISP smtp server. Created a domain with same name as my ISP (Both local and internet domain are same "csoft.intnet.mu"
I need to be able to forward mail for unknown user on the sme domain to the internet as some users use laptops and they need to access their mail directly from our isp so i did not configured these users locally. Any help would be greatly appreciated
thanks.

[cactus]

I have set it up as server only and to relay all outgoing mail to my ISP smtp server.

I think you mean you have set external mail delivery to go through your servers mail provider, right?

Created a domain with same name as my ISP (Both local and internet domain are same "csoft.intnet.mu"

You should never do that. It is bad practice, domains should be unique and I doubt that your provider would agree that you host a mail server on behalf of them.

I need to be able to forward mail for unknown user on the sme domain to the internet as some users use laptops and they need to access their mail directly from our isp so i did not configured these users locally. Any help would be greatly appreciated
thanks.

No, you don't need to. You need to configure your server properly and assign it your own domain. If you want users to be able to access the mail server of their provider of choice directly you should make sure you disabled the SMTP proxy. Users in your local net should then be able to configure their email client to use the external mail server of their provider of choice.

[glabiche]

Hi cactus

Thanks for your reply

The problem is that static ip address is not and option for us right now and do not have an MX record. The server will be visible only to local user and not on the internet.

The users shares mostly internal mail between them but they habe the habit of just using the "reply to " option and that is why i decided to set both the domain the same so that when emails is sent to our customers they do not get bounce emails.

I have done this in windows using ftgate and kerio both having the options to forward mails for unknown user to an smtp server and both works well with this configuration.

eg
local domain                                    isp domain
csoft.intnet.mu                                    csoft.intnet.mu

local address                                      isp address
user1@csoft.intnet.mu                      user1@csoft.intnet.mu
user2@csoft.intnet.mu                      user2@csoft.intnet.mu
                                                    laptop1@csoft.intnet.mu

here reply address will alway be ????@csoft.intnet.mu

if i send an email to user1 the server will route the mail locally without going through internet but it i send an email to laptop1 which do not exist on my local domain it will be routed to my isp smtp server.


i have try other configuration as setting between different local domain and internet domain but i alway got into trouble when our customers use the "reply to " option as the mail with bounce back to them or if i set the reply options on the client side the mail will go trough the internet to the account on our isp thus generating much delay especially if big attachment are being sent.

eg
local domain                                    isp domain
csoft.local                                          csoft.intnet.mu

local address                                     isp address
user1@csoft.local                            user1@csoft.intnet.mu
user2@csoft.local                            user2@csoft.intnet.mu
                                                    laptop1@csoft.intnet.mu

here reply address will alway be ????@csoft.local or ????@csoft.intnet.mu

if i set the reply address to ????@csoft.local all mail set to customers will bounce back to them
but if i set the reply address to ????@csoft.intnet.mu all mail will be sent to our isp before we fetch them back.

hope i am cler enough in my explanation as my english i not so good

thanks again for your help and any solution will be welcome

[Jean-Philippe Pialasse]

As said Catus this is wrong.

If you can't have a static ip you can still use a dyndns service.

On the worst case you can also set a fake domain that is only resolvable in your own network, but stealing your isp domain is bad. Have you think about the fact that some of the emails addresses you give to your users might exist for something else in your isp client?

What's happen if one of your client reply to one of these ?


So the good solution would be DynDNS (lot of registrars can do this now) + setting your sme to send email thanks to your ISP smtp (as you have a dynamic ip and no reverse most recipient smtp will bounce if you send directly).

Once this you do not need anymore a copy of the email at your isp , why ? because the external laptop will be able to resolve the dns to your server and pick it directly.


If you have a problem with dyndns services , you can then set your server to forward and keep a copy for the laptop account. In this way you will have two options to access the mail.

[glabiche]

hi  unnilennium

First sorry for not being clear enough, the domain csoft.intnet.mu is the domain for our company with about 50 pop3 mailboxes hosted by our ISP so i am not cheating on them and all address created locally will be valid address we have at our ISP. And as the server will not be visible from the internet  i thing there should be no conflicts

What i want to do is to set up a local mail server which will collect all emails from our ISP and deliver it locally and relay all outgoing email for non existing users on the local domain to the smtp server of our ISP.

the problem i have with fake domain is that i do not know how to set the reply to address to reflect the address on the ISP for all the users and still process mail for local user locally without sending it to the internet

I may be wrong but
if local domain is csoft.local and isp is csoft.intnet.mu, when the user send email to external customer the customer will get user@csoft.local for the reply address and the mail will bounce back to him but for the local users it would be okay as the mail will be process locally

but then if i change the reply to address to user@csoft.intnet.mu the external customer will get the correct address of user@csoft.intnet.mu and will be able to reply but if the mail is for a local user when he reply the mail will also be sent to the internet, right.

i have read many how to's about mail server on Linux but it seem that all of them expect a static ip address and a mail server visible on the internet and i have try postfix, citadel,zimbra but SME is the nearest i have been abel to get a fully working mail server.

the dyndns solution seems ok but for now we cannot afford to host the email server fully ourselves and we still need the mail to be hosted on our ISP

any solutions would be greatly appreciated

[Jean-Philippe Pialasse]

Hi,

thanks you for the informations.

I have hosted email server on dynamic ip for years without problem, so this is not a problem with a dynDNS service check if your registrar permit this.

Solutions:

1/ What i would do in your case is setup the mx on my server after setting up a dynDNS service. create all users on it and forward mail to external isp box for the users you want (you can just forward or keep a local copy and forward, their box must have a different  sub domain or domain after the @)

2/ Other solution would be to create a subdomaine  if it is possible for your registrar:

user@sme.csoft.intnet.mu => would be directed to your server on your dynamic ip 
user@csoft.intnet.mu => would be directed to your ISP
 
3/ last solution set up every account on your isp server
keep your domain csoft.intnet.mu set to your isp for the dns at your registrar
keep csoft.intnet.mu resolved locally on you sme
install fetchmail on your sme to retrieve emails from your isp
configure account on you sme who need an external copy  with a copy + forward or only forward but you will need an alias different from user@csoft.intnet.mu to send it to your isp server like user@isp.mu

4/ you could do something at qmail level, but you will have to set again a different sub domain for the isp or your server in order to redirect some users  email to a different sub domain.


___
if you have understand the solutions are around domain, and subdomain and DynDNS.

[glabiche]

Hi unnilennium,
thanks very much for your reply, i think i will go for the third solution first. I will post the results afterwards

thanks again

[mmccarn]

If you are feeling really adventurous, you may be able to achieve your objective by:

1) disable or restrict inbound SMTP traffic

2) disable or customize the qpsmtpd check_goodrcptto plugin (disable it to accept email addressed to anyone, anywhere; customize /var/service/qpsmtpd/config/goodrcptto to accept mail for anyone@csoft.intnet.mu, or to list only the valid accounts in your ISP's mail server).  Changing these settings could significantly increase your spam -- hence recommendation 1

3) Customize /var/qmail/alias/.qmail-default to contain something similar to:
| qmail-remote [a.b.c.d] "$SENDER" $DEFAULT@csoft.intnet.mu
(where a.b.c.d is the IP address of your ISP's mail server).

dot-qmail: man page showing the syntax for qmail's ".qmail*" control files (including /var/qmail/.qmail-default)
qmail-remote: man page for the qmail-remote program
INSTALL.alias: notes on the files in /var/qmail/alias/*

Caveats:
- I have *no idea* if this will work
- I have no idea what impact this would have on your spam traffic level
- I have no idea if this could create a mail loop that would fill your SME or ISP mail server with bounce messages.

Pros:
- If it works, and doesn't cause problems, this could be a valuable addition to SME server capabilities - I have used "split domain" mail servers several times in the past, and have seen this question raised from time to time on the SME forums.