NethServer and Exchange

alpha… is written into the MX Record, correct. alpha.yourdomain.org has a permanent ip address.

Thanks for answering.
Then, again: how does alpha.yourdomain.org deliver messages to beta.yourdomain.org?
Or is beta.yourdomain.org fetching from the VPS server?

Hmm, that doesn’t work here. The sending mail system says:
“Recipient address rejected: undeliverable address: host mail.hassun.de[/var/run/dovecot/lmtp] said: 550 5.1.1 <r…@ha…de> User doesn’t exist.”
Are all users at the final destination also necessary in the relaying NS? Or how can I tell dovecot to accept all users with an address belonging to this domain?

Hi @rasi

The solution is VERY simple.

In NethServer Mail, add in a second domain for the second mailserver, and there you can forward ALL mails to Domain B. Here you CAN use IPs…

No server needs to know the others users…

My 2 cents
Andy

Hi,
I’m not sure if I get you right.
I have now 2 domains in Mail already: example.org and mail.example.org (both to forward all mails to the IP of the final mailserver).
And I also created the final mailserver as a relay host for all mails sent to @example.org.
Is there something too much or is anything wrong?
Cheers,
Ralph

This is wrong!

Do both servers belong to the same domain? This also cannot work!

My 2 cents
Andy

Okay, I deleted the relay host. The two domains belong to the same domain indeed. The MX record points to mail.example.org.
What is wrong here?

The second mailserver is named mails.example.xyz. It collects and distributes the mails to users with a @example.org address.

Mail is defined by the RFCs… And they specify a maildomain, not a mailserver.
Sure mail needs mailservers, but you can’t split it up by the same domain.
One server will in the end get all mail, the other will get none!

Ask yourself, if my maildomain is defined by a Domain (mail.domain.org counts as a hostname…), how can the system possibly decide where to forward the mails to?

Why not have a single mailserver with several domains?
Much easier, and works out of the box, especially as you are sticking to the RFCs…

My 2 cents
Andy

All mails are to be forwarded to a remote system with a VPN tunnel address.
The idea is once more to have NS (in a VPS) act as a mail gateway which checks all mails for the domain ‘example.org’ for spam and viruses and then forwards the mails to the local network somewhere else. With Xeams on an Ubuntu server that worked quite well. (I’m migrating now just for certificate reasons.)
BTW, our domain “example.org” is officially registered.

That CAN be done easily (Central Mailgateway).
But you can’t specify different servers for different users, it’s either all or nothing.

Besides which, example.org belongs to ICANN, I do have my doubts you’re working for them. :slight_smile:

As you’re so secretive about your domains, even though you can’t get it to work, we have no option to look at or check your DNS settings like this.

My 2 cents
Andy

Oh sorry! You got me wrong. I’m not talking about different servers for different users. And I do not mean to be secretive about our domain at all. The real name is ‘hassun.de’.
So please help me to take NS to the point that it acts as a Central gateway. That is all I need.
Cheers,
Ralph

DNS must point only to the VPS, I’ll call it mail.hassun.de for the moment. (Only one MX record, and a single mailserver entry)

The VPS must have Domainmail forwarding active, to an Internal IP, not accessible from the Internet.
This is what a Site2Site VPN is used for, your choice of Wireguard was wise, just not your implementation! :slight_smile:

Remove any other Mail-Domain entry on the VPS! This is for local mail, on the VPS! and you don’t want that! I think this is your Key issue!

The onsite mailserver needs to use the VPS as outbound mailgateway.

The on site server needs to have the VPS IPs in trusted networks.

Due to the fact that internal servers add in their name to the SMTP HELO, you also need CNAMEs pointing to the VPS to alleviate this issue. Their trust level would be almost zero otherwise!

That should help!

My 2 cents
Andy

Correct. That is the case.

How is that? Mail.hassun.de forwarding or hassun.de?

NethServer is basically designed as a compact, powerful All-In-One server, specifically for SME (KMU, as you’re from Germany!).

I also use it for a lot of tasks, because the good internal logic makes it faster than e.g. using a Debian out of the box. NethServer is very powerful.


For forwarding mail, use hassun.de, as mail is handled by mail-domains. But the target must be an IP…

So, still the same error:
‘/var/run/dovecot/lmtp] said: 550 5.1.1 ralph@hassun.de User doesn’t exist’
Should I uninstall dovecot maybe?

No, the server still has a “local” entry somewhere, try a reboot.

There must be no local maildomain entry under Domains in Mail.

Rule of Thumb:
The VPS has no mail accounts, but handles mail for another server.

You still have an entry somewhere.

Maybe check /var/lib/nethserver/db, specifically configuration, if there are any old zombie entries regarding mail, and remove them!

It still does not work.
Does it make sense to uninstall the email module in total?
Or do I need to use a different NS FQDN instead of mail.hassun.de before I can establish mail forwarding for hassun.de?

An individual server should not use the name mail as Hostname. Use something like
hade-nethserver.hassun.de
and have mail.hassun.de as an A record (Mailservers must be an A record, not a CNAME) pointing to the same IP.

I’d reinstall the whole server, it will just work!

My 2 cents
Andy

I need to go offline now, may be back later on.
Good Luck!

Have a nice evening!
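
The bounce quoted in the thread comes from the gateway's own Dovecot LMTP socket, which means the gateway still treats the forwarded domain as locally delivered. The following is an added example, not part of the thread and not NethServer tooling: it scans Postfix delivery log lines for mail of a relay-only domain that was handed to a local delivery agent. The log lines are constructed samples in the usual Postfix delivery format; the host name `gw` and the internal address `10.8.0.2` are placeholders.

```python
import re

# Constructed sample Postfix log lines (not taken from the thread).
# 10.8.0.2 is a placeholder for the on-site mail server behind the VPN.
SAMPLE_LOG = """\
Mar  3 10:01:12 gw postfix/lmtp[2101]: 4A1B2C3D4E: to=<ralph@hassun.de>, relay=mail.hassun.de[/var/run/dovecot/lmtp], delay=0.05, dsn=5.1.1, status=bounced (host mail.hassun.de[/var/run/dovecot/lmtp] said: 550 5.1.1 <ralph@hassun.de> User doesn't exist)
Mar  3 10:02:40 gw postfix/smtp[2107]: 5B2C3D4E5F: to=<ralph@hassun.de>, relay=10.8.0.2[10.8.0.2]:25, delay=0.4, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued)
Mar  3 10:03:02 gw postfix/lmtp[2110]: 6C3D4E5F6A: to=<root@gw.hassun.de>, relay=mail.hassun.de[/var/run/dovecot/lmtp], delay=0.03, dsn=2.0.0, status=sent (250 2.0.0 Saved)
"""

# One Postfix delivery record: agent, queue id, recipient, next hop, DSN, status.
DELIVERY = re.compile(
    r"postfix/(?P<agent>\w+)\[\d+\]: (?P<qid>\w+): to=<(?P<rcpt>[^>]+)>, "
    r"relay=(?P<relay>[^,]+),.*?dsn=(?P<dsn>[\d.]+), status=(?P<status>\w+)"
)

# Postfix agents that deliver into a mailbox on this host instead of relaying.
LOCAL_AGENTS = {"lmtp", "local", "virtual"}


def misrouted_deliveries(log_text, relay_domains):
    """Return (recipient, dsn, status) for each delivery where mail for a
    relay-only domain was handed to a local agent instead of being forwarded."""
    hits = []
    for line in log_text.splitlines():
        m = DELIVERY.search(line)
        if not m:
            continue
        domain = m["rcpt"].rsplit("@", 1)[-1].lower()
        delivered_locally = m["agent"] in LOCAL_AGENTS or "dovecot/lmtp" in m["relay"]
        if domain in relay_domains and delivered_locally:
            hits.append((m["rcpt"], m["dsn"], m["status"]))
    return hits


if __name__ == "__main__":
    # hassun.de should only ever be relayed by the gateway, never stored on it.
    for rcpt, dsn, status in misrouted_deliveries(SAMPLE_LOG, {"hassun.de"}):
        print(f"{rcpt}: handed to local delivery ({status}, dsn={dsn}); "
              "the gateway still has a local mail-domain entry")
```

Any hit means the domain is still configured for local delivery on the gateway; once only the forwarding entry remains, deliveries for that domain should show the internal IP as the relay.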