Nethserver email alias dynamic when using groups

v7
mailserver
email

(Dennis Lloyd) #1

Hello everyone, I’ve been trying to narrow down a way to eliminate multiple systems in my networks down to two… Nethserver appears to fit the bill but I’m stuck on a couple things.

I use Univention Corporate Server for AD/LDAP auth and have installed NS joined to the domain. so far I installed webtop, sogo, and roundcube to see which one works the best.

I am having a problem figuring out how to email an LDAP group, which is pulled from the UCS server when I create an ‘email alias’. The problem for me, is that it appears it is static and will never be updated as i add/remove account from the groups on UCS.

Webtop doesn’t appear to support groups at all so I think that is out, SoGo I have also having issues configuring the templates-custom, and expanding… I can see the groups, but cannot email any of them.

it almost appears i must use email alias, but having to remember to update it each time I add / remove a user is a bit of a pain.

Hopefully someone has an idea or i’m just doing it wrong.


(Davide Principi) #2

I understand what you need is a “shared mailbox”, where group members can read the messages of the group. It differs from a mail alias that duplicates a message for multiple recipients, which is “static” as you noticed.

More info

http://docs.nethserver.org/en/v7/mail.html#email-addresses


(Dennis Lloyd) #3

hi David, thanks for the idea but a shared mailbox won’t work for us. I still have to maintain who gets emails by adding the shared box or removing it when they don’t need it. As well, I have noticed the shared box doesn’t appear on all clients, i have a mix of outlook, mobile and web based. With my current mailserver the list is dynamic, if I add a member to an LDAP/AD group they automatically receive a message sent to the "members@domain.com" . If i remove them from the ldap group, they will no longer receive the emails. there will be other people maintaining this as well who are NOT computer savy at all… the more automated I can make this the better.

how about a feature request where the system updates the alias members on a schedule, or when an email is sent to the alias??


(Davide Principi) #4

If the shared mailbox (which should be visible under the IMAP Public namespace) is not displayed by new group members, I think it is a #bug. Which clients do/don’t display it as expected?

It could be possible by configuring a cron job, but I’d prefer fixing existing features instead of developing a new one. You could set up as a customization for your environment though, it shouldn’t harm.


(Dennis Lloyd) #5

I will have to re-configure a test on my sandbox and see. I did try using a shared box as a workaround a while ago. however management is the biggest issue as I am trying to do less work maintaining mail and automating as much as possible using UCS and AD/LDAP. My personal view, if Nethserver is joined to a domain, it should take advantage of the domain features instead of maintaining another separate system. 99% of it works great for what I am doing, the last stumbling block is emailing an LDAP group.

An example is say… nextcloud. the LDAP configuration works great, if I add a user account to a specific group in UCS, the member can access nextcloud and/or view shared files. If i remove them from the UCS group, that person can no longer view, or even log into Nextcloud.

I am appreciative of everything Nethserver is, please don’t get me wrong :slight_smile: I’m just stumbling on a couple things that I think should work better when integrating into a domain.


(Dennis Lloyd) #6

I will put this into context for my own application of Nethserver joined to my UCS Domain.

We are a volunteer Fire/Rescue organization and we have a mix of members and notifications that go out to various members.

First Responder - Medical
Special Operations - High Angle Rope / Confined Space ect ect…
Firefighters
Officers
Administrative Staff.

As members come and go, advance to different roles or are promoted to an officer position they will receive different emails based on training, operations, 911 notifications, incident reports, among others.

Should I find a new training course intended ofr Special Ops I currently send an email to the LDAP group “dl_SpecialOperations” Only members receive the emails. our Regional district may want to send a request for invoices, billing which will only go to Chief Officers “dl_ChiefOfficers”, 911 notifications go to “dl_RespondingMembers” Incident reports after a call is closed go to “dl_Officers” and “dl_AdminAssistant”

having to remember which group to manually add or remove on two systems is much more difficult for the others who I am giving access too so they can help.

If i’m able to just add or remove a particular user in the UCS groups, I’m hoping Nethserver can sill use the mail alias which I would only need to configure once, as users are added or removed to groups with a checkmark and click of a submit then they will receive, or not receive an email intended for group members.

UCS is a great system as a replacement to MS AD, the takeover feature works excellent, however I don’t want all my bacon in the same frying pan and nethserver will keep services running if I have a major failure of UCS.

Currently I have 5… (used to be 7) different systems working together under various ESXi virtual machines with a mixture of Operating Systems… my end goal is consolidation into 2 systems spread over redundant ESXi host servers

Hope that helps clarify


(Davide Principi) #7

Yes you supplied important background information.

Please answer this question too because it’s important to choose the right solution!


(Dennis Lloyd) #8

HI David, I will work on getting those results too you soon as I can. I need to reconfigure my sandbox virtual network from snapshots. I expect I should have it in roughly a week.


(Dennis Lloyd) #9

Hey David, I was finally able to get to my testing again… I just attempted to share an inbox of one member, from withing SOGo, giving full access to me and I cannot see it.

But, you hinted it sits in the IMAP namespace, I am using Gmail on android connecting with EAS / SOGo, Outlook with EAS, and tried Bluemail EAS.

I have not been using IMAP exclusively for email for quite some time.

as it’s using activesync, perhaps this is why I cannot see the folders?

I have a “shared mailboxes” folder, however nothing is shown, and I am still seeing errors when trying to view this folder in SOGo. (Shared Mailbox / SoGo is denied)

Each time I click on shared folders, I see that error message.