You can easily have a postfix relay server to manage emails for more than one domains but the aim here is to deliver an email coming in for one domain to two different servers. It is basically duplicating an email.
After applying the canonical and masquerade mappings, the cleanup(8) daemon can generate optional BCC (blind carbon-copy) recipients. Postfix provides three mechanisms:
- always_bcc = address
- Deliver a copy of all mail to the specified address. In Postfix versions before 2.1, this feature is implemented by smtpd(8), qmqpd(8), or pickup(8).
- sender_bcc_maps = type:table
- Search the specified “type:table” lookup table with the envelope sender address for an automatic BCC address. This feature is available in Postfix 2.1 and later.
- recipient_bcc_maps = type:table
- Search the specified “type:table” lookup table with the envelope recipient address for an automatic BCC address. This feature is available in Postfix 2.1 and later.
Note: automatic BCC recipients are produced only for new mail. To avoid mailer loops, automatic BCC recipients are not generated for mail that Postfix forwards internally, nor for mail that Postfix generates itself.
Automatic BCC recipients (including always_bcc) can be turned off selectively for mail received by smtpd(8), qmqpd(8), or pickup(8), by overriding main.cf settings in the master.cf file. This feature is available in Postfix version 2.1 and later.
/etc/postfix/master.cf: 127.0.0.1:10026 inet n - n - - smtpd -o receive_override_options=no_address_mappings
Note: do not specify whitespace around the “=” here.
MailScanner and Spamassassin
Create a ruleset for non-spam emails
To: domain.com deliver store-/var/archive/incoming/domain_com forward firstname.lastname@example.org
From: domain.com deliver store-/var/archive/outgoing/domain_com forward email@example.com
This will take any mail from domain.com deliver it to the intended user, store the email in a file in /var/archive/<direction>/domain_com and then send it to another email account.
If you want it to go to a seperate mail server you can edit the transport map for that subdomain that the mail is forwarded to point to another sub-domain and change “forward firstname.lastname@example.org” to “forward email@example.com”.
You can also do per user for the ruleset so you could do something like this.
To: firstname.lastname@example.org deliver store-/var/archive/incoming/domain_com forward email@example.com
From: firstname.lastname@example.org deliver store-/var/archive/outgoing/domain_com forward email@example.com
If you are really that concerned about it being the same “domain” the servers can “think” they are both part of the same domain but the server sending them the mail doesn’t have to. Just edit the hosts file of the server that is splitting the mail so it thinks it is on a subdomain.
What you *should* look at is the content_filter. The content filter is a simple server program that listens to a specific port and gets mail from postfix. It then filters whatever needs filtering, and optionally sends stuff back to the postfix with various options included. In the filter program, I would then simply forward the mail to the new server, and feed the mail back into to local postfix for delivery. This way, you can have a sort of postfix tee Have a look at amavisd for how to implement this. Also Perl programming comes in handy in this case.
In general your content_filter would be something like
smtp-tee unix – – y – 2 smtp -o smtp_data_done_timeout=1200
127.0.0.1:10025 inet n – n – – smtpd
-o smtpd_recipient_restrictions=permit_mynetworks,rej ect
This way, the server you implement listens on port 10024, gets the mail, and simply forwards it to port 25 on your new mail server. After that, it forwards it to port 10025 on the local server for further processing, that is: delivery.
Also, if you already have an antispam/antivirus configured, you can chain these elements (spamfilter and tee) by setting the content_filter parameter of one postfix input port to the other content_filter. So you can have antispam/antivirus checking done before you filter the mail to your tee.
method 4 (reported to not work in certain cases:
You can get postfix to send a copy of all email by adding this to your main.cf:
milter_default_action = tempfail
smtpd_milters = inet:ip_address_of_second_serverort_number
Our looks like:
milter_default_action = tempfail
smtpd_milters = inet:10.0.0.11:8092