Multi-domain email server

rgmhtt · 2018-12-11 21:16:52 UTC

I need true multi-domain mail server support.

This is where joe@foo.com is a totally different entity than joe@bar.org

I have this today using postfixadmin

And have since 2009. It does the job with an SQL database (I use MariaDB). The maintainer has never put in LDAP support. You can see how I run it be looking at:

http://medon.htt-consult.com/Centos7-mailserver.html

I got the Odroid-HC1 to replace my current CubieTruck server that is back on RedSleeve6 and really in need of replacing. I would like to do this on top of Nethserver, but true multi-domains is a MUST.

With some guidance, I could perhaps do the integration, but I will need a LOT of guidance. My current setup was a major effort on multiple mailing lists…

davidep · 2018-12-11 21:30:21 UTC

Hi Robert,

You can already achieve it, by defining two mail aliases that point to two distinct user mailboxes!

As prerequisite the two Email > Domain have to be defined, as explained here

http://docs.nethserver.org/en/v7/mail.html#domains

rgmhtt · 2018-12-11 22:11:15 UTC

So joe@foo.com logs into the IMAP server from his client (Thunderbird) as joe@foo.com. And joe@bar.org logs into the IMAP server from his client (Outlook) as joe@bar.org?

Mail headers all reflect these names, though the server is mail.foobar.net

The users can change their passwords at least via Roundcubemail change password function.

These users are independent (if desired) from any other users configured on the Nethserver.

Mail to info@foo.com can be copied/forwarded to users joe@foo.com and sally@techsupport.com (which might not even be on the server).

If I can do the above items, I will work up testing. Right now I can only create subdomains from my htt-consult.com domain. It would be a bit to get the owners of the domains I provide email support to to create subdomains for testing purposes. Migration will be a separate issue…

saitobenkei · 2018-12-12 07:31:35 UTC

Maybe this example can help a bit:

rgmhtt · 2018-12-12 13:27:05 UTC

And what do I do if I have joe.smith@foo.com and joe.smith@bar.org. I actually already have duplicates. With my current setup, the login is user@domain so there is never a problem of dealing with identical user names that are different individuals in different domains.

davidep · 2018-12-16 23:25:02 UTC

This is not possible with the current NethServer config, but could be achieved with a custom-template. If somebody wants to try it, I can write down an how-to…

I don’t know what headers are sent, but I’m also not sure what are you aiming to here: can you make an example?

Not available, but there’s another thread about this: Users change password remotely?

rgmhtt · 2018-12-17 19:04:36 UTC

Well this is a critical requirement as I have had such a situation since '98 and have supported it with no problem. So if all the other requirements could be met, let’s do this.

I am going to have play around and look at my current message headers, then compare them when I do some testing with your setup.

Two separate things here. First changing password. I read the post you refer to. Roundcube can have scripts for password changing. We should be able to setup that ldap change in the password plugin. Requiring users to use Roundcube for password change rather than their remote client is acceptable.

For the mail copying, I think the Dovecot sieve function can be used. There is a way to have a sieve by user account. In fact I think Roundcube lets you edit the user’s sieve. So a template that sets up a sieve for a user to copy emails should be rather that the more direct postfix method I use now.

I am willing to work toward this. Once I have a way to put up a server on my new Odroid.

davidep · 2018-12-21 17:31:53 UTC

You need a template-custom and an additional file, please check this gist:

gist.github.com

https://gist.github.com/DavidePrincipi/d3dd525344d7761e0dd171ce97ae1d54

19custom_login_aliases

# in /etc/e-smith/templates-custom/etc/dovecot/dovecot.conf/19custom_login_aliases
#
# 19custom_login_aliases
#
passdb \{
  driver = passwd-file
  args = /etc/dovecot/login-aliases
\}

login-aliases

# in /etc/dovecot/login-aliases
pseud01@example.com:::::::user=john noauthenticate
# ...

then run

 signal-event nethserver-mail-server-save

You can authenticate as pseud01@example.com and become “john”

rgmhtt · 2018-12-23 21:13:18 UTC

This does not scale. Every user for every domain will need an alias. I will have to work out a general mapping of joe@foo.com to joe…foo.com in such a way that it works consistently. And then a large sequential file needs to be searched. Just does not scale.

The user@domain should be part of the ldap schema and can be authenticated as such.

I hope to spin up the Cubietruck server this week and take a closer look. But it is not promising as a mail server for my needs.