Managing Domains
Creating a Domain Alias
If you have a domain domain.com and you want the domain example.com to be an alias for it, so that sending mail to user@example.com is the same as sending mail to user@domain.com (delivered to the same mailbox), you can designate example.com as a domain alias when creating the domain. Starting with ZCS 5.0.16, it is also possible to authenticate using an alias domain (log in as user@example.com), and out-of-office replies notifications can occur for messages sent to addresses in an alias domain (mail to user@example.com will generate an out-of-office reply). The examples assumes domain.com already exists, but example.com does not.
Objective | attributes necessary on alias domain entry in ldap | version when first available |
---|---|---|
mail delivery to alias domain | zimbraMailCatchAllForwardingAddress | |
authentication using alias domain | zimbraDomainAliasTargetId | 5.0.16 |
out-of-office notifications sent | zimbraMailCatchAllForwardingAddress,zimbraDomainAliasTargetId | 5.0.12 |
Prior to ZCS 5.0.16
zmprov createDomain example.com zimbraDomainType alias zimbraMailCatchAllAddress @example.com zimbraMailCatchAllForwardingAddress @domain.com
ZCS 5.0.16 and later
A new command is available to create an alias domain. The basic form allows authentication against the alias domain. If you would like to create a functional domain alias, skip to the next step.
Usage: zmprov createAliasDomain {alias-domain-name} {local-domain-name|id} [attr1 value1 [attr2 value2...]] Example: zmprov createAliasDomain example.com domain.com
The createAliasDomain command does not set the zimbraMailCatchAllForwardingAddress (which was the sole objective in the pre-5.0.16 alias domain). In order to allow message delivery to the alias domain, it is still necessary to explicitly include a forward to the local target domain.
Usage: zmprov createAliasDomain {alias-domain-name} {local-domain-name|id} zimbraMailCatchAllForwardingAddress @{local-domain-name|id} [attr1 value1 [attr2 value2...]] Example: zmprov createAliasDomain example.com domain.com zimbraMailCatchAllForwardingAddress @domain.com
Relaying/Domain Forwarding
If you want the Zimbra server to relay all mail destined for a particular domain (say, example.com) to another mta (say, other-mta.domain.com), you can forward the domain.
zmprov md example.com zimbraMailCatchAllAddress @example.com md example.com zimbraMailCatchAllForwardingAddress @example.com md example.com zimbraMailTransport smtp:other-mta.domain.com
I think you can also do this as another way to make a sort of local domain alias:
zmprov md example.com zimbraMailCatchAllAddress @example.com md example.com zimbraMailCatchAllForwardingAddress @domain.com md example.com zimbraMailTransport lmtp:zimbra.domain.com
For non-zimbra domains, this might prove useful as well: Transport_Table_for_external_servers
Removal of Relaying/Domain Forwarding
If at a later date you wish to remove the domain forwarding/catchall address run the following commands:
zmprov md domain.com zimbraMailCatchAllAddress "" zmprov md domain.com zimbraMailCatchAllForwardingAddress "" zmprov md domain.com zimbraMailTransport lmtp:server.domain.com:7025
Where domain.com is your domain and server.domain.com is the FQDN (Fully Qualified Domain Name) of your Zimbra server.
Domain Catchall
If you want to set up an account "user@domain.com" to catch any mail not delivered to existing users in the domain "domain.com", you can configure the account as a domain catchall.
su - zimbra zmprov modifyAccount user@domain.com zimbraMailCatchAllAddress @domain.com
If the users "john@domain.com", "webmaster@domain.com", and "xyznobody@domain.com" don't exist, and mail arrives for them, it will be delivered to the catchall account "user@domain.com". This will increase the amount of spam delivered, and can lead to being blacklisted. To remove the catchall from an email account, unset the catchall address:
zmprov modifyAccount user@domain.com zimbraMailCatchallAddress ""
Domain Masquerading
If you want mail from user@domain.com or user@zimbra.domain.com to appear to come from user@example.com, you can set the canonical address for the entire domain.
zmprov md domain.com zimbraMailCatchAllAddress @domain.com zimbraMailCatchAllCanonicalAddress @example.com zmprov md zimbra.domain.com zimbraMailCatchAllAddress @zimbra.domain.com zimbraMailCatchAllCanonicalAddress @example.com
Additional
out of office notifications
5.0.12+ allows some additional mapping of real to alias in order to:
A) Allow auth with alias domain addresses.
B) Send out-of-office notifications for alias domains.
zmprov md aliasdomain.com zimbraDomainAliasTargetId {zimbraId-realdomain.com}
single command
5.0.16+ added the ability to do this (above) in one command:
zmprov createAliasDomain(cad) {alias-domain-name} {local-domain-name|id} [attr1 value1 [attr2 value2...]]
cad sets zimbraDomainType, zimbraDomainAliasTargetId, & zimbraMailCatchAllAddress
(if you want to forward mails from aliasdomain.com to realdomain.com you need to add zimbraMailCatchAllForwardingAddress)
zmprov cad aliasdomain.com realdomain.com zimbraMailCatchAllForwardingAddress @realdomain.com
Email to non-existant accounts
Currently we automatically accept email for alias domains and then generate a bounce. This has the potential for backscatter abuse and we'd like to close this hole for hosted and still be able to offer alias domains without adding aliases to each account.
/opt/zimbra/conf/zmmta.cf smtpd_reject_unlisted_recipients 'yes' won't work with alias domains, so it's defaulted to no. (Perhaps later we'll flip this.)
However, 5.0.12+ contains a Policyd Daemon that helps those who host alias domains in ZCS.
To enable the policy daemon:
zmlocalconfig -e postfix_enable_smtpd_policyd=yes zmprov mcf +zimbraMtaRestriction "check_policy_service unix:private/policy" postfix stop postfix start
(The + symbol on the zmprov command is important, else you will wipe any other existing values.)