NethServer and Exchange

Okay, I deleted the relay host. The two domains belong to the same domain indeed. The MX record points to mail.example.org.
What is wrong here?

The second mailserver is named mails.example.xyz. It collects and distributes the mails to users with a @example.org address.

Mail is defined by the RFCs… And they specify a maildomain, not a mailserver.
Sure mail needs mailservers, but you can’t split it up by the same domain.
One server will in the end get all mail, the other will get none!

Ask yourself, if my maildomain is defined by a Domain (mail.domain.org counts as a hostname…), how can the system possibly decide where to forward the mails to?

Why not have a single mailserver with several domains?
Much easier, and works out of the box, especially as you are sticking to the RFCs…

My 2 cents
Andy

All mails are to be forwarded to a remote system with a VPN tunnel address.
The idea is once more to have NS (in a VPS) act as a mail gateway which checks all mails for the domain ‘example.org’ for spam and viruses and then forwards the mails to the local network somewhere else. With Xeams on an Ubuntu server that worked quite well. (I’m migrating now just for certificate reasons.)
BTW, our domain “example.org” is officially registered.

That CAN be done easily (Central Mailgateway).
But you can’t specify different servers for different users, it’s either all or nothing.

Besides which, example.org belongs to ICANN, I do have my doubts you’re working for them. :slight_smile:

As you’re so secretive about your domains, even though you can’t get it to work, we have no option to look at or check your DNS settings like this.

My 2 cents
Andy

Oh sorry! You got me wrong. I’m not talking about different servers for different users. And I do not mean to be secretive about our domain at all. The real name is ‘hassun.de’.
So pls help me to take NS to the point that it acts as a Central gateway. That is all I need.
Cheers,
Ralph

DNS must point only to the VPS, I’ll call it mail.hassun.de for the moment. (Only one MX record, and a single mailserver entry)

The VPS must have Domainmail forwarding active, to an Internal IP, not accessible from the Internet.
This is what a Site2Site VPN is used for, your choice of Wireguard was wise, just not your implementation! :slight_smile:

Remove any other Mail-Domain entry on the VPS! This is for local mail, on the VPS! and you don’t want that! I think this is your Key issue!

The onsite mailserver needs to use the VPS as outbound mailgateway.

The on site server needs to have the VPS IPs in trusted networks.

Due to the fact that internal servers add in their name to the SMTP helo, you also need CNAMES pointing to the VPS to alleviate this issue. Their trust level would be almost zero otherwise!

That should help!

My 2 cents
Andy

Correct. That is the case.

How is that? Mail.hassun.de forwarding or hassun.de?

NethServer is basically designed as a compact, powerful All-In-One server, specifically for SME (KMU, as you’re from Germany!).

I also use it for a lot of tasks, because the good internal logic makes it faster than eg using a Debian out of the box. NethServer is very powerful.


For forwarding mail, use hassun.de, as mail is handled by mail-domains. But the target must be an IP…

So, still the same error:
‘/var/run/dovecot/lmtp] said: 550 5.1.1 ralph@hassun.de User doesn’t exist’
Should I uninstall dovecot maybe?

No, the server still has a “local” entry somewhere, try a reboot.

There must be no local maildomain entry under Domains in Mail.

Rule of Thumb:
The VPS has no mail accounts, but handles mail for another server.

You still have an entry somewhere.

Maybe check /var/lib/nethserver/db, specifically configuration, if there are any old zombie entries regarding mail, and remove them!

It still does not work.
Does it make sense to uninstall the email module in total?
Or do I need to use a different NS FQDN instead of mail.hassun.de before I can establish mail forwarding for hassun.de?

An individual server should not use the name mail as Hostname. Use something like
hade-nethserver.hassun.de
and have mail.hassun.de as an A record (Mailservers must be an A record, not a CNAME) pointing to the same IP.

I’d reinstall the whole server, it will just work!

My 2 cents
Andy
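
The DNS rules from Andy's replies above (a single MX record, an MX target that is an A record rather than a CNAME, and a server hostname other than `mail`), as an added example that is not part of the original thread: a small Python check over a zone snippet. The records, the IP addresses and the function names are constructed for illustration and are not the real DNS data of any domain discussed here.

```python
import re

# Constructed zone data for illustration only (documentation IP range);
# these are not the real records of any domain discussed in the thread.
SAMPLE_ZONE = """\
hassun.de.                  IN MX    10 mail.hassun.de.
hassun.de.                  IN MX    20 mails.hassun.de.
mail.hassun.de.             IN CNAME hade-nethserver.hassun.de.
hade-nethserver.hassun.de.  IN A     192.0.2.10
mails.hassun.de.            IN A     192.0.2.20
"""

def parse_zone(text):
    """Return (name, type, rdata) tuples from simple 'name IN TYPE rdata' lines."""
    records = []
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()  # drop zone-file comments
        m = re.match(r"(\S+)\s+IN\s+(\S+)\s+(.+)", line)
        if m:
            name = m.group(1).lower().rstrip(".")
            records.append((name, m.group(2).upper(), m.group(3).strip()))
    return records

def check_gateway_dns(text, domain, gateway_hostname):
    """Apply the thread's rules: one MX, MX target is an address record,
    and the gateway's own hostname is not 'mail'. Returns a list of findings."""
    records = parse_zone(text)
    domain = domain.lower().rstrip(".")
    findings = []
    mx_targets = [r[2].split()[-1].lower().rstrip(".")
                  for r in records if r[0] == domain and r[1] == "MX"]
    if len(mx_targets) != 1:
        findings.append(f"expected exactly one MX for {domain}, found {len(mx_targets)}")
    for target in mx_targets:
        types = {r[1] for r in records if r[0] == target}
        if "CNAME" in types:
            findings.append(f"MX target {target} is a CNAME; it must be an A record")
        elif not types & {"A", "AAAA"}:  # AAAA accepted as the IPv6 equivalent
            findings.append(f"MX target {target} has no address record")
    if gateway_hostname.lower().split(".")[0] == "mail":
        findings.append("server hostname label is 'mail'; use a distinct hostname")
    return findings
```

An empty list means the zone snippet satisfies all three rules.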

I need to go offline now, may be back later on.
Good Luck!

Have a nice evening!

PS you still need the Email module, and that includes dovecot.
Just removing dovecot will remove a lot! (deps)

Your server still thinks it has local accounts.

Hi @Andy_Wismer,
thank you so much for your patient assistance! As far as I can see it works now - receiving mails at least. If sending mails succeeds too has still to be proved.
Without your help I would have been lost and maybe had even dropped NS.
THANKS!
Cheers,
Ralph

Hi Ralph

Check this, it can / will help other users:

My 2 cents
Andy

I’d love to but I don’t see the badge anywhere to mark a message as solved. Sorry!

Hi

That’s one of the reasons one should ALWAYS create an own post, not hijack some long dead post!

No matter!

Hi bm777.

I realise this is a very old post but thought you might like to know how to get this done.

  1. Install Nethserver as server.domain.local
  2. Configure domain.com to point to external server (in my case 365)
  3. From System rename server to server.domain.com

I’m very new to NethServer so have no idea if this is a bad idea but mail flow is working properly.

Khulisa