Postfix and Exchange 2000 1

[dwpondscum]

Hello!

I am trying to setup Postfix 2.0.12 and Exchange 2000 to communicate with each other. Postfix is running on a SuSE machine connected to our ISP and also connected to our internal network. Exchange is running on our internal domain controller (which is the only server).

Eventually I will setup filters for spam, valid mailbox, etc. However, right now simply sending all of the mail through Postfix to Exchange will work. I also need to have the user on Exchange send mail through Postfix. I have searched through the forms and found some help.

In Exchange I have setup a connector in the Exchange System Manager. I have the following settings:
Forward all mail through this connector to host: postfixipaddress
local bridgeheads: domaincontroller (default SMTP virtual Server)
Address Space: type=SMTP address=my_domain cost=1
Connector scop: entire organization

I am not sure exactly what to do in Postfix. I have tried using relayhost=exchangeipaddress:25 in /etc/postfix/main.cf, from a forum listing, but that has not been successful.

I am semi-familiar with postfix, but very new with Exchange and Active Directory.

Any assistance would be greatly appreciated!

David W

 

[bluegroper]

Have you tried forum858 ??

 

[usige]

David,
First let me state what I think you are tring to do. Based On those assumptions I'll give you my solution.

It sounds like you are just trying to use postfix as a mail gateway. i.e. all outbound e-mail originates in exchange and passes out to the internet via postfix. In bound mail arrives on postfix but should then be passed on to exchange. At no time should postfix be a final destination for domain mail.

Ok, that said here is my solution:

Make sure you have your domain in relay_domains:

relay_domains = your-domain.com

Setup a transport map to deliver mail to exchange:

transport_maps = hash:/etc/postfix/transport

Create transport map:
in /etc/postfix/transport add lines similar to this.

your-domain.com smtp:[exchange.your-domain.com]

run:

postmap /etc/postfix/transport

The first 2 parms go in main.cf . It is important that your exchange server name is encloded in [ ]'s. If it's not then postfix does an MX record look-up on the domain and points back to it self. This might cause it to go into a loop.

Hope that helps and let me know if you have problems, my relay knowledge is a little rusty.

 

[dwpondscum]

Thanks for the response. I attempted the above as recommended by usige. Now I have the following in my mail log file. I do not know how transport.db fits into everything.

Jul 17 14:09:34 mail postfix/cleanup[1289]: warning: database /etc/postfix/virtual.db is older than source file /etc/postfix/virtual
Jul 17 14:09:34 mail postfix/smtpd[1288]: 2BFEA133F5: client=law11-oe55.law11.hotmail.com[64.4.16.63]
Jul 17 14:09:34 mail postfix/trivial-rewrite[1290]: warning: database /etc/postfix/virtual.db is older than source file /etc/postfix/virtual
Jul 17 14:09:34 mail postfix/trivial-rewrite[1290]: fatal: open database /etc/postfix/tranport.db: No such file or directory
Jul 17 14:09:35 mail postfix/master[1013]: warning: process /usr/libexec/postfix/trivial-rewrite pid 1290 exit status 1


David W

 

[usige]

Sound like the postmap didn't run correctly. Try rerunning it per my previous post. After running look in /etc/postfix for transport.db. Please post any eror messages that postmap produces. Also you might want to run postmap on /etc/postmap/virtual.

 

[dwpondscum]

I confirmed that the following lines are in my /etc/postfix/main.cf file:
relay_domains = mail.fddisystems.com
transport_maps = hash:/etc/postfix/transport

I have a file /etc/postfix/transport that contains only:
mail.fddisystems.com smtp:[192.168.0.105:25]

At the command shell I enter the following:
postfix reload
postmap /etc/postfix/virtual
postmap /etc/postfix/transport

There was not an error generated within the command shell. I deleted the contents of the mail log before the procedure. I checked and /etc/postfix/transport.db does exist and has a file size of 12KB. My /etc/postfix/virtual file is empty. Though /etc/postfix/virtual.db does also exist. I did not have any errors in the mail log.

Previously I had been using Cyrus IMAP (which is still setup) and in main.cf had mailbox_transport = cyrus. For transport to Exchange, I had commented out mydestination and mailbox_transport in main.cf and also local in master.cf. When I attempted to send an email I viewed the log, which showed the remote server connection, and recieving the message to the user. However, the message bounced saying user not found. When I uncommented the three items from above, the message was sent to cyrus.

to=<name@domain.com> relay=local, delay=22, status=bounced (unknown user: &quot;name&quot;
to=<name@domain.com> relay=cyrus, delay=2, status=sent(mail.domain.com)

Is there any relay commands for master.cf that need to be sent. It seems like now the transport is working, but also like I am missing something else. I have also sent a post to the Exchange 2000 forum here, with out response.

MUCH Thanks for your help!!

David W

 

[MorpheusNL]

usige is on the right track

But :
Try using a internal DNS with

MX 10 [exchange-host] and
MX 20 [postfix-host]

So that the postfix thinks it's a backup-mailexchanger

 

[stdcxv12]

I have a very similar problem to the one above and have tried getting postfix to work but have had difficulties. Any help would be sincerely appreciated.

I am trying to setup Postfix 2.0.14 and Exchange 2000 to communicate with each other. Postfix is running on a RH 7.3 machine connected to our ISP and also connected to our internal network. Exchange is running on our internal domain controller.

I would simply like to use postfix as an email gateway to our exchange server.

This is what I've done so far. Installed Postfix per instuctions at

http://www.redhat.com/support/resources/howto/RH-postfix-HOWTO/book1.html

and I've used usige's instructions above but keep getting errors in my maillog.

Below are my maillog, main.cf, and transport_map files:

MAILLOG FILE:
I can't seem to overcome below problem:
Sep 2 14:24:29 www postfix/smtpd[23374]: connect from unknown[69.24.239.32]
Sep 2 14:24:29 www postfix/smtpd[23374]: A444988B85: client=unknown[69.24.239.32]
Sep 2 14:24:29 www postfix/smtpd[23374]: A444988B85: reject: RCPT from unknown[69.24.239.32]: 450 <david.dameron@ci.huntsville.tx.us>: User unknown in local recipient table; from=<AS//SQYBAQAEg0kB9QAAAAABAAAGBg@11freeprize.com> to=<david.dameron@ci.huntsville.tx.us> proto=SMTP helo=<out012.tpcper.com>
Sep 2 14:24:30 www postfix/smtpd[23374]: disconnect from unknown[69.24.239.32]
Sep 2 14:28:55 www postfix/smtpd[23372]: timeout after RSET from unknown[165.91.236.11]
Sep 2 14:28:55 www postfix/smtpd[23372]: disconnect from unknown[165.91.236.11]

MAIN.CF FILE:
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
default_privs = nobody
myhostname =

http://www.ci.huntsville.tx.us

mydomain = ci.huntsville.tx.us
myorigin = $mydomain
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, $mydomain
unknown_local_recipient_reject_code = 450
mynetworks = 10.0.33.1/16, 127.0.0.0/8
relay_domains = ci.huntsville.tx.us, huntsvilletx.gov
transport_maps = hash:/etc/postfix/transport
relayhost = [10.0.64.2]
alias_maps = hash:/etc/postfix/aliases
alias_database = hash:/etc/postfix/aliases
mail_spool_directory = /var/spool/mail
mailbox_command = /usr/bin/procmail
local_destination_concurrency_limit = 2
default_destination_concurrency_limit = 10
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
manpage_directory = /usr/share/man
sample_directory = /etc/postfix/samples
readme_directory = /etc/postfix/README_FILES
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases

TRANSPORT_MAP FILE:
ci.huntsville.tx.us smtp:[10.0.64.2]

 

[CraigBoyer]

Message to last sender - STDCXV12. I believe your problem is in your mynetworks = 10.0.33.1/16 line. In Postfix version 1.x this is Ok, but in version 2.x the fourth octet has to be &quot;0&quot; or my networks = 10.0.33.0/16 (or /8 or /16 or /24), 127.0.0.0/8. That should take care of the problem.

 

[hcotech]

Hello All,

I too am thinking about a very similar setup using Postfix and Exchange 2000. I want to make certain that this is viable though.

Can I have Postfix accepting mail (on a public IP) for my Exchange Server which is hidden on my internal network and then scanning for spam / virus content before relaying the email to Exchange?

I believe this is a simple mail relay setup.

 

[lgarner]

Yes. That's exactily what I have it doing.

 

[hcotech]

OK, so it is being done. Cool.

Now, I've tried MSExchange.org, Slipstick.com, Labmice.net as well as here on Tek-tips and I've found a bunch of good stuff. Unfortunately the info is a bit fragmented, I've yet to find any kind of A-Z guide walking through all the issues that need to be addressed.

Are there any good FAQs on the subject out there?

- or since I swear I'm not lazy and looking for a free ride -

Does anyone know of a free and easy way (as in less than 15 min) to set up a test "lab" for the Exchange side of things? I think I've got the Linux/Postfix side covered.

I'm pretty much a newbie (god help us) when it comes to all these mail related issues. Basic setup is about all I've been exposed to so far, but I am willing to roll-up my sleeves to learn if I know where to find the resources necessary.

thanks in advance....

 

[lgarner]

http://www.advosys.ca/papers/postfix-filtering.html

is the basis of my setup. I don't use the Anomy sanitizer, so I modified the filter.sh script to just call spamc for spam filtering.

That should get you started.

Exchange doesn't need any setup to receive mail from the gateway. If you want to relay outbound mail through it, then add the gateway under the SMTP server properties in the Exchange System Manager.

 

[hcotech]

Thanks lgarner.

A quick preview of the link you provided looks very promising. I don't necessarily care if outbound mail is filtered at this point, I think that'll make things a bit simpler as well.

I'm assuming that I should be able to set this up as a dummy domain internally (eg mail.example.com) for testing as a relay prior to placing it in front of my Exchange server. Since all I plan on doing is sending mail to my Exchange server, I'm thinking that should work with the proper transport settings. If that does work, then I'll add the filters and such to test those prior to making live on the net answering my domain's MX record ip.

With a little luck, I may just get this running before the weeks end.

 

[rliebsch]

I also have this running. Initially I had it set up so every user had an account on the linxu machine, so that that if/when the exchange server crashed, the mail could be retrieved by the users via POP/IMAP or SquirrelMail from the linux box.

Since then i have simplified (and possibly damned myself) by just having Postfix do the header, body, mime, and rbl checks, then forwarding it into the Exchange server, which then runs AV scans before delivering to the mailbox.

I let Exchange send its own mail, works well enough.

I have been doing things like this for about 5 years now. Works like a charm.

 

[rolanjabar]

I'm new to this forum. Maybe I should have started a new thread. Why would you want Postfix to act as gateway to Exchange? (We are 100% Postfix) I know that you have the calendaring thing common address book but you have that also in LDAP and in Mozillas calendar program. Yes you can do those nice things with syncing to Blackberries and other devices.

My point has always been, don't mess with internet mail using gateways since the reciepient will invariably mangle the crap out of it. I guess I am remembering my experience with CC:Mail Gateway for SMTP 15 years ago. Never want to go through that again.

I have been told that the Exchange group calendering is a real pain. Especially if you overlapping conflicts in scheduling. Is this correct?

 

[jkupski]

Why would you want Postfix to act as gateway to Exchange?

Because your management has mandated Exchange for whatever reason (usually the groupware features) and you don't want to expose the less secure windows box to the mercies of the internet?

My point has always been, don't mess with internet mail using gateways since the reciepient will invariably mangle the crap out of it. I guess I am remembering my experience with CC:Mail Gateway for SMTP 15 years ago. Never want to go through that again.

The world has progressed in the last decade.
Postfix/Amavis/SpamAssassin/etc relaying to an exchange box is actually quite a good combination.

 

[rliebsch]

The reason for having a bastion host, mail gateway, external mail handler, or whatever else you want to call it is this:

Security. Linux is easy to harden and "secure," Postfix is rock solid fast and secure. Windows 2000 and above with Exchange was very insecure.
Gratned leaps and bounds have been made in Windows 2003. I am sure a exceptionally savvy Windows Admin could lock it down if that was their fulltime job.

Redundancy. In the event that Exchange crashes, again less than it once did, your MX records will all still be valid, you can still recieve mail for your domain. If you configure it so everyone has an account on the linux box (with /sbin/nologin) ppl can POP or IMAP their new mail from the external server in the event of a catastrophic outage.

And Exchange isn't that bad. Its rough and tough to deal with sometimes, but the productivity gains are fiscally justified. And besides. It pays my salary which feeds the baby and keeps a roof over my head. *grin*


Robert Liebsch
Stone Yamashita Partners

http://www.stoneyamashita.com/

 

[diaxlee]

hi
sorry for my bad english
i have to set up a smtp postfix to relay mails for a exchange server with 3 differents domains
can i have help our suggestions

MUCH Thanks for your help!!!!!!

 

[jkupski]

i have to set up a smtp postfix to relay mails for a exchange server with 3 differents domains
can i have help our suggestions

Here's an excellent starting point:

http://www.flakshack.com/anti-spam/wiki/index.php