Distribuite mail server with same LDAP server

sharpec · 2018-04-17 15:58:40 UTC

NethServer Version: 7.4
Module: mail

Hi all, do not hate me for the usual strange requests!

i have 2 company, with 2 NS 7.4, connect with Openvpn tunnel.
i have 1 domain based on samba with GPO and primary LDAP directory, in second location have Windows AD.

ldap directory on server 1
server 2 is joined in active directory of server 1
domainone.it on server 1 - domaintwo.it on server 2

domain list of server 1
domainone.it
domaintwo.it -> Relay to another server 192.168.18.241
sending mail to domaintwo work

domain list of server 2
domainone.it -> Deliver locally
domaintwo.it
sending mail to domainone dosen’t work

the goal is to get rid of the external mail server,
emails from the outside come directly to me or via pop3 connector
mails between the 2 domains transferred to vpn directly between the servers

I have many users, but few have really contact with the outside (about 30%)

my big problem is the Fully qualified domain name of DC NS

samba.domainone.it …

if change it to samba.domainone.local, nsdc-samba will change?
I destroy everything?

at that point could I create domains individually on individual servers?

robb · 2018-04-17 20:25:21 UTC

I am afraid yes. If you want to change a FQDN for the domain controller, you have to remove it from the domain and recreate it… destroying all users, groups and GPO’s

What I fail to see is why server.domainone.it would be a problem as FQDN.

sharpec · 2018-04-18 06:17:18 UTC

you are right, that’s not the problem.

but if on second server i try to relay domainone.it to server 1, delivery from the main to the secondary also fails, as if a loop was created.

if on secondary server type

db domains setprop domainone.it TransportType Relay
signal-event nethserver-mail-common-save

mail from primary is received by the secondary, and sent back to the primary with the relay …

Apr 18 08:29:38 samba2 postfix/smtp[6266]: B268A40D441C: to=<leonardo@domainone.it>, orig_to=<leonardo@domaintwo.it>, relay=192.168.1.254[192.168.1.254]:25, delay=4.8, delays=4.5/0/0.25/0.09, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 79D3140363C2A)

robb · 2018-04-18 17:09:14 UTC

What if you add both servers in your local DNS?
Ofc, this only helps if your clients use your local DNS server…

sharpec · 2018-04-18 17:45:13 UTC

I try tomorrow morning

sharpec · 2018-04-19 08:43:30 UTC

i actually try with web client on server

on servertwo

db domains setprop domainone.it TransportType Relay
signal-event nethserver-mail-common-save

insert dns entry

192.168.1.254 smtp.domainone.it

send mail via webclient, they are always delivered locally

giacomo · 2018-04-19 11:55:14 UTC

I don’t think this is a common usage scenario, but maybe @filippo_carletti or @davidep know some postfix trick

sharpec · 2018-04-19 12:14:50 UTC

I was thinking about this solution because the bandwidth between the two seats is maximum 20mbit, there is no fiber in any of the two locations, but only Vodafone 20/20 radio link. I already have MySQL samba and some web services traffic. I wanted to leave the mail performing.

pike · 2018-04-19 12:26:28 UTC

IMO this is the bogus. I think there’s should be a server3, acting like a mailserver for domaintwo.it.
Hacking the relay could be a double-edged knife in the future.