A client of mine decided to use Postfix as a smart host for Exchange 2010. The Exchange environment is to be set up as a multi-tenant environment, so the Postfix servers need to know which SMTP domain namespaces are authoritative within it. We therefore needed to configure the Linux Postfix server to query Active Directory for the list of "Accepted Domains" within Exchange 2010, which are stored at the following location in the Active Directory configuration partition:
CN=Accepted Domains,CN=Transport Settings,CN=TSTHOSTING,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=domain,DC=local
The Linux distribution used for this configuration is Ubuntu.
Software packages required:
- postfix
- postfix-ldap
- ldap-utils
- libldap-2.4-2
A separate configuration file called ad_relay_domains.cf was put together and placed at /etc/postfix/ad_relay_domains.cf:
server_host = 192.168.1.2
server_port = 389
version = 3
bind = yes
start_tls = no
bind_dn = Administrator
bind_pw = MyPassw0rd (__mailto:MyPassw0rd)
search_base = cn=Accepted Domains,cn=Transport Settings,cn=TSTHOSTING,cn=Microsoft Exchange,cn=Services,cn=Configuration,dc=domain,dc=local
scope = sub
query_filter = (msExchAcceptedDomainName=%s)
result_attribute= msExchAcceptedDomainName
- server_host: enter the IP address of an AD domain controller.
- server_port needs to be the standard port for LDAP (389).
- version must be 3.
- bind: yes, we are creating an LDAP bind.
- start_tls: we are not using a digital certificate on Active Directory (pretty standard). TLS is more common with AD LDS/ADAM instances as they are not protected using Kerberos v5. Postfix performs a simple bind, so with start_tls = no the bind_dn and bind_pw are sent to the domain controller unencrypted.
- bind_dn: enter the user account you wish to bind to Active Directory with.
- bind_pw is the password that goes with the user account specified under bind_dn. You must enter it in "password (__mailto:password)" format.
- search_base is the location in Active Directory where Exchange 2010 stores its accepted domains.
- scope = sub searches the search base and all objects beneath it.
- query_filter is the LDAP filter matched against the accepted domain objects; %s is replaced with the domain being looked up.
- result_attribute is the attribute we want returned from the matching entry.
Finally, point relay_domains in /etc/postfix/main.cf at the lookup file:
relay_domains = ldap:/etc/postfix/ad_relay_domains.cf
Credits for this solution go to Daniel Borg.
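The lookup file above binds as Administrator over plain LDAP and stores the password on disk. The script below is an added example, not part of the original post or of Postfix: it reads an ldap_table file and flags a bind without TLS, a built-in administrator bind_dn, and a world-readable file containing bind_pw. The function names, finding labels, and the sample file (with a placeholder password) are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a Postfix ldap_table(5) file for risky bind settings.

# cf_get FILE KEY -> last value assigned to KEY ("key = value" lines).
cf_get() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" |
        sed 's/[[:space:]]*$//' | tail -n 1
}

# audit_ldap_cf FILE -> one finding per line; exit status 1 if any finding.
audit_ldap_cf() {
    f=$1; rc=0
    host=$(cf_get "$f" server_host); tls=$(cf_get "$f" start_tls)
    bind=$(cf_get "$f" bind)
    dn=$(cf_get "$f" bind_dn | tr '[:upper:]' '[:lower:]')
    case $host in ldaps://*) tls=yes ;; esac   # LDAPS is encrypted from the start
    # Postfix binds by default; a simple bind without TLS exposes bind_pw.
    case $bind in
        no|none) ;;
        *) if [ "$tls" != yes ]; then
               echo "CLEARTEXT_BIND: bind_dn/bind_pw sent without TLS"; rc=1
           fi ;;
    esac
    # A read-only lookup does not need the built-in domain administrator.
    case $dn in
        administrator|administrator@*|cn=administrator,*|*\\administrator)
            echo "PRIVILEGED_BIND_DN: use a dedicated low-privilege account"; rc=1 ;;
    esac
    # The file stores a reusable password; it should not be world-readable.
    if [ -n "$(cf_get "$f" bind_pw)" ] && [ -n "$(find "$f" -prune -perm -004)" ]; then
        echo "WORLD_READABLE: $f contains bind_pw and is readable by everyone"; rc=1
    fi
    return $rc
}

# Constructed sample mirroring the post's settings (placeholder password).
sample=$(mktemp)
cat > "$sample" <<'EOF'
server_host = 192.168.1.2
server_port = 389
bind = yes
start_tls = no
bind_dn = Administrator
bind_pw = ExamplePlaceholder
EOF
chmod 644 "$sample"
audit_ldap_cf "$sample" || true   # prints all three findings
rm -f "$sample"
```

To check the real file, run audit_ldap_cf /etc/postfix/ad_relay_domains.cf; an exit status of 0 means none of the three conditions were found.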
Clint,
I'm in a situation whereby my company (@domain1.com) has just purchased another company (@domain2.com). domain1 uses Exchange and domain2 uses Postfix. We want to give all domain2 employees a domain1 email address and discontinue using domain2 address, yet keep the Postfix server to host that company's mail.
Essentially, everyone at both companies will have a domain1 email account, yet the mail database for domain1 needs to be Exchange and the mail database for domain2 needs to be Postfix.
Is there a way to look at inbound emails and relay them to the appropriate server? How do I ensure outbound mail from the domain2 employees use domain1.com?
Many thanks.
You want SMTP Namespace Sharing. Check out:
http://blog.mimecast.com/2011/06/guest-post-migrating-between-email-servers-smtp-namespace-sharing/