@mkromer, what about email MTA features? Should we run Postfix&Co in front of Kopano to send/receive and filter messages against spam/viruses?
That is the idea. We donāt do MTA features, since there are also many SMTP appliances out there which do a great job already and we donāt try to re-invent the wheel - If you like, we have a plugin framework which can be used for spooler and dagent which can also do things, but we donāt do anything transport-related, so yes, you need to use an MTA. Kopano is known to work perfectly with postfix, exim and sendmail, but basically any RFC-obiding MTA (respecting industry-standard SMTP status codes) will do. So basically how it runs with Kopano is that you can define a mailbox_transport to kopano via either executing the command kopano-dagent (delivery agent) or (preferred(!)) deliver to a running kopano-dagent via LMTP (standard port 2003), please also see dagent.cfg. Vice versa you point kopano-spooler to the MTA (spooler.cfg) to define where mails should be sent to from Kopano. For Postfix, you can find extensive information here: https://documentation.kopano.io/kopanocore_administrator_manual/configure_kc_components.html#kc-postfix-integration
Thank you very much for your explanation, @mkromer!
Now I think it is possible to integrate Kopano in our mail architecture. Probably we are able to preserve almost anything of our configuration and UI tools. Postfix already delivers mail messages to the mail store via LMTP, after spam filtering, virus scan and alias expansion.
Therefore the only piece to be replaced is the mail store, the IMAP/POP3 service based on Dovecot.
What should be removed from not installed on the UI
- mailbox / quota configuration
- shared mailbox panel
Iād give more information to anybody interested on building a nethserver-kopano RPM, as alternative to nethserver-mail-server (dovecot)!
As usual, before talking of RPMs, Iād start with an #howto!
Interesting discussion.
We are working on migrating to NS but need to continue support for zarafa/kopano.
At this stage doing it on proxmox as a separate machine. But just as an integrated mailsystem would be great .
We feel @mkromer is right about the added features and to date the clients have been happy with the mobile access etc etc etc.
This is a vote for Kopano integration.
Would you mind to giving it a try? Did you make some tests? So we can get what works and what doesnāt. I guess @mkromer could help you
Alessio
We were unable to install Kopano on NS7 due to dependencies. Need to go back and get a list but at the time it was one after the other. I think it is a CentOS issue. In debian installed fine including z-push.
Where we are at the moment trying to sort out postfix on the mail server and the postfix in the NS7 gateway. What parts of the mail system on NS7 can we drop safely? Dovecot etc?
So far found we have had to stop the NS server answering to smtp as that caused email bounce on local emails.
Considering trying postmulti as a way to control flow. Do you think it will take much to modify the template system to understand the multi dedicated postfix editions? Under that design you can have a local, in and out defined postfix controls.
Iād start on a clean NethServer install start with
yum install nethserver-mail-filter nethserver-mail-common
By this way, we exclude the nethserver-mail-server package.
Then add some lines to /etc/postfix/main.cf
. Iād start by mimicing what nethserver-mail-server does. The most important parameter to set is
virtual_transport
It sets the default route of messages directed to the virtual mailbox domain.
Hi Davide
Thank you for the tip and the script. We are almost there. BUT kopano on Centos7 has too many issues. We did get it to install but only reverting to rpm -ivh --nodeps for the files yum rejected. So all in and then it started having issues with soap, but that could because of the rpm command. So back to the proxmox model with NS7, Debian/kopano server and Voip based on sark on Debian. One good thing about this model file server, email and Voip are individual so besides the hypervisor not all in one basket.
In this model we used the mailbox_transport to point to lmtp:mailserver:2003 and that is the only change to postfix on NS7. We did have to delete the mail relay setting. Which can not be deleted from the manager panel. Only by db domain commands. Is this by design or just an oversight?
On the mailserver we pointed the spooler to the NS7 server. We now need to modify Postfix on the mailserver to only look at loopback-only for internal reports.
Where I am stuck is we have z-push active on the Mailserver but as yet have not been able to proxypass Microsoft-Server-ActiveSync to the mailserver from the outside for mobile phones. Something like this should do it
>Start Location /Microsoft-Server-ActiveSync>
> ProxyPreserveHost On
> ProxyPass http://mail/Microsoft-Server-ActiveSync acquire=3000 retry=60
> ProxyPassReverse http://mail/Microsoft-Server-ActiveSync
> SetEnv proxy-initial-not-pooled
> SetEnvIf User-Agent ā.MSIE.ā value BrowserMSIE
> Header unset WWW-Authenticate
> Header add WWW-Authenticate āBasic realm=server.domain.comā
> End Location>
**But where in the design of Ns7 can that be included?** The proxypass screen does not like those capital characters.
A step by step howto will follow once we have all features running as expected.
Iād start by dropping a .conf file in /etc/httpd/conf.d with a Location stanza for the Apache web server.
Hi Davide
That was easy than I expected. Just copier the 40nextcloud in default-virtualhost.inc to
#
# 20Microsoft-Server-ActiveSync
#
RewriteEngine On
RewriteCond %\{HTTPS\} !=on
RewriteRule ^/Microsoft-Server-ActiveSync(/.*)?$ https://mail/Microsoft-Server-ActiveSync$1 [L,R=301]
And that is working. It was not affected by the capital letters. Thank you
It would be wonderful if you could write down an howto about this!
BTW, I hope to get the time to give it a try!
Davide
Is there a template for how to on Nethserver? It would be good to be in a standard form/style.
I suggest you start a new topic here on #howto and collect some feedback on it.
When itās āstable enoughā you can move it on our wiki
Thanks to our @Ctek thatās the howto yourāre looking for
https://wiki.nethserver.org/doku.php?id=howto:tips_to_create_how-to_s&s[]=write&s[]=howto
Still a work in progress. We have a pdf how to file but can not attach here. Where can we send it, thanks.
Attached is an early draft of our procedure. Will test it on another couple
of rebuilds and fill in the gaps. Of course if anyone can see improvements
always willing to look at them.
Please upload the pdf to a public web location and share its URL. Is there anybody in @docs_team that would lend a hand?
If this has been possible, will it be possible to Zimbra as well???
No time to test.
Quite off-topic, different products I guess. I donāt think so but who knows?
Can report that all working reasonably well. but need to look at getting NS7 do do RBL, Av and spam checks within Postfix but still finally transport the result via lmtp. Should we look at the Software Center or just grab some individual rpms?
All you need comes with it and its dependencies!