Re: Request for advice (qmail-remote) Part II

2001-07-12 Thread Henning Brauer

On Thu, Jul 12, 2001 at 10:58:33AM +0930, Greg Elliott wrote:
> Next I would like to offer every user in the organization a mail address
> [EMAIL PROTECTED]
> (Regardless of where they reside in the organization).
[...]

qmail-ldap may be your favorite here. It has built-in cluster support letting
you define on which mailserver each account is located, regardless of the
address. This will cause you much less administrative overhead than a
.qmail based solution.

Read more at http://www.lifewithqmail.org/ldap/

-- 
* Henning Brauer, [EMAIL PROTECTED], http://www.bsws.de *
* Roedingsmarkt 14, 20459 Hamburg, Germany   *
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)



Re: Request for advice (qmail-remote) Part II

2001-07-12 Thread Mike Jackson

Chris Garrigues wrote:
 
> > From:  Greg Elliott [EMAIL PROTECTED]
> > Date:  Thu, 12 Jul 2001 10:58:33 +0930
> >
> > The problem I am trying to resolve is where user3 mails user4 at the
> > address [EMAIL PROTECTED]
> > I do not want the mail to be sent back to the central mail server and then
> > returned to the address [EMAIL PROTECTED].
> > Instead I would like the branch mail server to realise that user4 is a
> > local user and just deliver the mail to user4's local mail store.
>
> I suspect the easiest thing to do would be to get the qmail-ldap patches and
> install ldap.
>
> Keep the master LDAP database on the central server and run replica databases on
> each of the branch servers.

I have a master LDAP server on its own machine, because I use it for
a lot more than just email accounts. I have a replica LDAP server on all
mail servers. LDAP replication is done real-time via SSL, only the
master accepts modifications. Mail authentication is pointed to the
local LDAP server on the mail server, so imap/pop passwords never fly in
the clear. If you have failover LDAP and the local server dies for some
reason, it will pick up a remote server and you will be in the clear
unless you are on a vpn. I have asked Sam Varshavchik to implement SSL
in Courier's authldap module.
 
> Each server would then be able to use LDAP to determine where the mail really
> belongs.

The mail routing works very well to remote offices in US, Japan, and
Germany. You also need Henning's dash-trick patch. This is required so
that you can store aliases and pointers to ezmlm lists in LDAP,
otherwise you have to use the same outgoing mail server for all offices
and that is not too cool. I can provide details on how to do this if
needed.
 
> I haven't used all the functionality that this would require, but I'm fairly
> certain that qmail-ldap has everything you'd need.

And a lot more. Join the qmail-ldap mailing list from www.nrg4u.com.

Regards,
Mike



Re: Request for advice (qmail-remote) Part II

2001-07-12 Thread David Talkington

Mike Jackson wrote:

> If you have failover LDAP and the local server dies for some
> reason, it will pick up a remote server and you will be in the clear
> unless you are on a vpn. I have asked Sam Varshavchik to implement SSL
> in Courier's authldap module.

I use stunnel to avoid this.  Works well, low overhead.

-d


-- 
David Talkington
http://www.spotnet.org

PGP key: http://www.prairienet.org/~dtalk/dt000823.asc

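An added example, not part of any message in this thread: a client-side stunnel service that keeps the failover case Mike describes encrypted, written in the configuration-file syntax of current stunnel releases. Hostnames, the loopback port and file paths are placeholders, and the remote LDAP servers are assumed to accept LDAP over TLS on port 636. The mail server's LDAP client would list its local replica first and `127.0.0.1:3389` as the fallback, so a failover lookup goes through the tunnel instead of crossing the network in the clear.

```ini
; /etc/stunnel/ldap-client.conf (path is an assumption)
; Constructed example: hostnames, ports and file paths are placeholders.

[ldap-failover]
; This side initiates TLS towards the remote LDAP servers.
client = yes

; The local LDAP client (for example the authentication module) connects
; here in plaintext. Bound to loopback only, so nothing leaves the host
; unencrypted.
accept = 127.0.0.1:3389

; Remote LDAP servers, assumed to speak LDAP over TLS on 636.
connect = ldap-master.example.com:636
connect = ldap-replica2.example.com:636

; Try the targets in the order listed instead of round-robin.
failover = prio

; Without verification the tunnel is encrypted but not authenticated:
; check the certificate chain against the organisation's CA and require
; the certificate to name one of the expected hosts.
CAfile = /etc/stunnel/ldap-ca.pem
verifyChain = yes
checkHost = ldap-master.example.com
checkHost = ldap-replica2.example.com
```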





Request for advice (qmail-remote) Part II

2001-07-11 Thread Greg Elliott

Thank you to those who have already replied to my first posting.

However, as Charles Cazabon pointed out, I probably should have backed up a
step to describe exactly what I am trying to achieve; and in doing so see if
that makes the advice offered by Arjen van Drie and Dave Sill change in any way.

Okay... the end result I would like to achieve is this:

I want to put in a single machine that acts as a central mail gateway for an
organization. All mail for every domain related to the organization will
initially arrive there and be farmed out to the various branch mail servers
(each which have one or more individual domains).

Next I would like to offer every user in the organization a mail address
[EMAIL PROTECTED]
(Regardless of where they reside in the organization).

Taking the case where I have 4 users:

  [EMAIL PROTECTED]
    [Located in the head office...connects directly to the central mail server]

  [EMAIL PROTECTED]
    [Located in branch1...connects to the branch1 mail server and has an
     alternate mail address [EMAIL PROTECTED]]

  [EMAIL PROTECTED]
  [EMAIL PROTECTED]
    [Located in branch2...connects to the branch2 mail server and have
     alternate mail addresses [EMAIL PROTECTED]]


For all branch mail users I was planning on creating .qmail files on the
central mail server that forward mail for [EMAIL PROTECTED] through to
branchuser@branch#.company.com

So far so good...that part is easy.

The problem I am trying to resolve is where user3 mails user4 at the
address [EMAIL PROTECTED]
I do not want the mail to be sent back to the central mail server and then
returned to the address [EMAIL PROTECTED].
Instead I would like the branch mail server to realise that user4 is a
local user and just deliver the mail to user4's local mail store.

I hope that this outline clarifies exactly what I am trying to achieve, and
doesn't sound too confusing.

Thanks in advance, once again, for any advice anyone can provide.

Regards,
Greg Elliott
E-mail:   [EMAIL PROTECTED]




Re: Request for advice (qmail-remote) Part II

2001-07-11 Thread Chris Garrigues

> From:  Greg Elliott [EMAIL PROTECTED]
> Date:  Thu, 12 Jul 2001 10:58:33 +0930
>
> The problem I am trying to resolve is where user3 mails user4 at the
> address [EMAIL PROTECTED]
> I do not want the mail to be sent back to the central mail server and then
> returned to the address [EMAIL PROTECTED].
> Instead I would like the branch mail server to realise that user4 is a
> local user and just deliver the mail to user4's local mail store.

I suspect the easiest thing to do would be to get the qmail-ldap patches and 
install ldap.

Keep the master LDAP database on the central server and run replica databases on
each of the branch servers.

Each server would then be able to use LDAP to determine where the mail really 
belongs.

I haven't used all the functionality that this would require, but I'm fairly 
certain that qmail-ldap has everything you'd need.

Chris

-- 
Chris Garrigues http://www.DeepEddy.Com/~cwg/
virCIO  http://www.virCIO.Com
4314 Avenue C   
Austin, TX  78751-3709  +1 512 374 0500

  My email address is an experiment in SPAM elimination.  For an
  explanation of what we're doing, see http://www.DeepEddy.Com/tms.html 

Nobody ever got fired for buying Microsoft,
  but they could get fired for relying on Microsoft.





Re: Request for advice (qmail-remote) Part II

2001-07-11 Thread Charles Cazabon

Greg Elliott [EMAIL PROTECTED] wrote:
 
> I want to put in a single machine that acts as a central mail gateway
> for an organization. All mail for every domain related to the
> organization will initially arrive there and be farmed out to the
> various branch mail servers (each which have one or more individual
> domains).

Okay, that's easy; you put each branch domain in rcpthosts, and give it
an appropriate smtproutes entry.
 
> Next I would like to offer every user in the organization a mail address
> [EMAIL PROTECTED]
> (Regardless of where they reside in the organization).

Alright.  company.com becomes a virtual domain on the central server.
You can then forward mail from various users in it to the various branch
domains using .qmail files, or perhaps with the fastforward package.
You'd do this with something like this in virtualdomains:

company.com:alias-company

and ~alias/.qmail-company-default containing:

|fastforward
 
> The problem I am trying to resolve is where user3 mails user4 at
> the address [EMAIL PROTECTED] I do not want the mail to be sent back
> to the central mail server and then returned to the address
> [EMAIL PROTECTED].  Instead I would like the branch mail server
> to realise that user4 is a local user and just deliver the mail to
> user4's local mail store.

This becomes difficult with stock qmail -- you end up having to
distribute some form of mapping from users to branch domains.  It's
possible, again with fastforward or .qmail files, but it's an
administrative hassle.

LDAP comes to mind as a solution here -- either an LDAP PAM module and
unpatched qmail, or qmail-ldap.  I'm afraid I can't offer much advice on
qmail-ldap.

Charles
-- 
---
Charles Cazabon  [EMAIL PROTECTED]
GPL'ed software available at:  http://www.qcc.sk.ca/~charlesc/software/
---