Difference between revisions of "Managing Domains"

 
 
(27 intermediate revisions by 13 users not shown)
Line 1: Line 1:
==Creating a Domain Alias==
+
{{BC|Community Sandbox}}
 +
__FORCETOC__
 +
<div class="col-md-12 ibox-content">
 +
=Managing Domains=
 +
{{KB|{{Unsupported}}|{{ZCS 7.0}}|{{ZCS 6.0}}|}}
 +
{{Archive}}{{WIP}}
 +
=Creating a Domain Alias=
  
If you have a domain '''domain.com''' and you want the domain '''example.com''' to be an alias for it, so that sending mail to '''user@example.com''' is the same as sending mail to '''user@domain.com''' (delivered to the same mailbox), you can designate example.com as a domain alias when creating the domain. This example assumes domain.com already exists.
+
If you have a domain '''domain.com''' and you want the domain '''example.com''' to be an alias for it, so that sending mail to '''user@example.com''' is the same as sending mail to '''user@domain.com''' (delivered to the same mailbox), you can designate example.com as a domain alias when creating the domain. Starting with ZCS 5.0.16, it is also possible to authenticate using an alias domain (log in as '''user@example.com'''), and out-of-office replies notifications can occur for messages sent to addresses in an alias domain (mail to '''user@example.com''' will generate an out-of-office reply). The examples assumes domain.com already exists, but example.com does not.
  
 +
{| border="1"
 +
!Objective
 +
!attributes necessary on alias domain entry in ldap
 +
!version when first available
 +
|-
 +
|mail delivery to alias domain
 +
|zimbraMailCatchAllForwardingAddress
 +
|
 +
|-
 +
|authentication using alias domain
 +
|zimbraDomainAliasTargetId
 +
|5.0.16
 +
|-
 +
|out-of-office notifications sent
 +
|zimbraMailCatchAllForwardingAddress,zimbraDomainAliasTargetId
 +
|5.0.12
 +
|}
 +
 +
==Prior to ZCS 5.0.16==
 +
 +
<pre>
 +
zmprov createDomain example.com zimbraDomainType alias zimbraMailCatchAllAddress @example.com zimbraMailCatchAllForwardingAddress @domain.com
 +
</pre>
 +
 +
==ZCS 5.0.16 and later==
 +
 +
A new command is available to create an alias domain. The basic form allows authentication against the alias domain. If you would like to create a functional domain alias, skip to the next step.
 +
<pre>
 +
Usage:
 +
zmprov createAliasDomain {alias-domain-name} {local-domain-name|id}  [attr1 value1 [attr2 value2...]]
 +
 +
Example:
 +
zmprov createAliasDomain example.com domain.com
 +
</pre>
 +
 +
The createAliasDomain command does not set the zimbraMailCatchAllForwardingAddress (which was the sole objective in the pre-5.0.16 alias domain).  In order to allow message delivery to the alias domain, it is still necessary to explicitly include a forward to the local target domain.
 
<pre>
 
<pre>
zmprov cd example.com zimbraDomainType alias zimbraMailCatchAllAddress @example.com zimbraMailCatchAllForwardingAddress @domain.com
+
Usage:
 +
zmprov createAliasDomain {alias-domain-name} {local-domain-name|id} zimbraMailCatchAllForwardingAddress @{local-domain-name|id}  [attr1 value1 [attr2 value2...]]
 +
 
 +
Example:
 +
zmprov createAliasDomain example.com domain.com zimbraMailCatchAllForwardingAddress @domain.com
 
</pre>
 
</pre>
  
==Relaying/Domain Forwarding==
+
=Relaying/Domain Forwarding=
  
 
If you want the Zimbra server to relay all mail destined for a particular domain (say, example.com) to another mta (say, other-mta.domain.com), you can forward the domain.
 
If you want the Zimbra server to relay all mail destined for a particular domain (say, example.com) to another mta (say, other-mta.domain.com), you can forward the domain.
Line 26: Line 72:
 
md example.com zimbraMailTransport lmtp:zimbra.domain.com
 
md example.com zimbraMailTransport lmtp:zimbra.domain.com
 
</pre>
 
</pre>
 +
 +
For non-zimbra domains, this might prove useful as well: [[Transport_Table_for_external_servers]]
 +
 +
=Removal of Relaying/Domain Forwarding=
 +
 +
If at a later date you wish to remove the domain forwarding/catchall address run the following commands:
 +
 +
<pre>
 +
zmprov md domain.com zimbraMailCatchAllAddress ""
 +
zmprov md domain.com zimbraMailCatchAllForwardingAddress ""
 +
zmprov md domain.com zimbraMailTransport lmtp:server.domain.com:7025
 +
</pre>
 +
 +
Where domain.com is your domain and server.domain.com is the FQDN (Fully Qualified Domain Name) of your Zimbra server.
 +
 +
=Domain Catchall=
 +
 +
If you want to set up an account "user@domain.com" to catch any mail not delivered to existing users in the domain "domain.com", you can configure the account as a domain catchall.
 +
 +
<pre>
 +
su - zimbra
 +
zmprov modifyAccount user@domain.com zimbraMailCatchAllAddress @domain.com
 +
</pre>
 +
 +
If the users "john@domain.com", "webmaster@domain.com", and "xyznobody@domain.com" don't exist, and mail arrives for them, it will be delivered to the catchall account "user@domain.com". This will increase the amount of spam delivered, and can lead to being blacklisted. To remove the catchall from an email account, unset the catchall address:
 +
 +
<pre>
 +
zmprov modifyAccount user@domain.com zimbraMailCatchallAddress ""
 +
</pre>
 +
 +
=Domain Masquerading=
 +
 +
If you want mail from '''user@domain.com''' or '''user@zimbra.domain.com''' to appear to come from '''user@example.com''', you can set the canonical address for the entire domain.
 +
 +
<pre>
 +
zmprov md domain.com zimbraMailCatchAllAddress @domain.com zimbraMailCatchAllCanonicalAddress @example.com
 +
zmprov md zimbra.domain.com zimbraMailCatchAllAddress @zimbra.domain.com zimbraMailCatchAllCanonicalAddress @example.com
 +
</pre>
 +
 +
=Additional=
 +
==out of office notifications==
 +
 +
5.0.12+ allows some additional mapping of real to alias in order to:
 +
 +
A) Allow auth with alias domain addresses.
 +
 +
B) Send out-of-office notifications for alias domains.
 +
<pre>
 +
zmprov md aliasdomain.com zimbraDomainAliasTargetId {zimbraId-realdomain.com}
 +
</pre>
 +
 +
==single command==
 +
 +
5.0.16+ added the ability to do this (above) in one command:
 +
<pre>
 +
zmprov createAliasDomain(cad) {alias-domain-name} {local-domain-name|id} [attr1 value1 [attr2 value2...]]
 +
</pre>
 +
 +
cad sets zimbraDomainType, zimbraDomainAliasTargetId, & zimbraMailCatchAllAddress
 +
 +
(if you want to forward mails from aliasdomain.com to realdomain.com you need to add zimbraMailCatchAllForwardingAddress)
 +
<pre>
 +
zmprov cad aliasdomain.com realdomain.com zimbraMailCatchAllForwardingAddress @realdomain.com
 +
</pre>
 +
 +
 +
==Email to non-existant accounts==
 +
 +
Currently we automatically accept email for alias domains and then generate a bounce.  This has the potential for backscatter abuse and we'd like to close this hole for hosted and still be able to offer alias domains without adding aliases to each  account.
 +
 +
/opt/zimbra/conf/zmmta.cf smtpd_reject_unlisted_recipients 'yes' won't work with alias domains, so  it's defaulted to no. (Perhaps later we'll flip this.)
 +
 +
 +
However, 5.0.12+ contains a Policyd Daemon that helps those who host alias domains in ZCS. 
 +
To enable the policy daemon:
 +
zmlocalconfig -e postfix_enable_smtpd_policyd=yes
 +
zmprov mcf +zimbraMtaRestriction "check_policy_service unix:private/policy"
 +
postfix stop
 +
postfix start
 +
(The + symbol on the zmprov command is important, else you will wipe any other existing values.)
 +
 +
{{Article Footer|Zimbra Collaboration 7.0, 6.0|04/16/2014}}
 +
[[Category:Pending Certification]]

Latest revision as of 10:31, 12 July 2015

  1. Zimbra Tech Center
  2. Community Sandbox
  3. Managing Domains

Managing Domains

   KB 1474        Last updated on 2015-07-12  




0.00
(0 votes)

Creating a Domain Alias

If you have a domain domain.com and you want the domain example.com to be an alias for it, so that sending mail to user@example.com is the same as sending mail to user@domain.com (delivered to the same mailbox), you can designate example.com as a domain alias when creating the domain. Starting with ZCS 5.0.16, it is also possible to authenticate using an alias domain (log in as user@example.com), and out-of-office replies notifications can occur for messages sent to addresses in an alias domain (mail to user@example.com will generate an out-of-office reply). The examples assumes domain.com already exists, but example.com does not.

Objective attributes necessary on alias domain entry in ldap version when first available
mail delivery to alias domain zimbraMailCatchAllForwardingAddress
authentication using alias domain zimbraDomainAliasTargetId 5.0.16
out-of-office notifications sent zimbraMailCatchAllForwardingAddress,zimbraDomainAliasTargetId 5.0.12

Prior to ZCS 5.0.16

zmprov createDomain example.com zimbraDomainType alias zimbraMailCatchAllAddress @example.com zimbraMailCatchAllForwardingAddress @domain.com

ZCS 5.0.16 and later

A new command is available to create an alias domain. The basic form allows authentication against the alias domain. If you would like to create a functional domain alias, skip to the next step. 

Usage:
zmprov createAliasDomain {alias-domain-name} {local-domain-name|id}  [attr1 value1 [attr2 value2...]]

Example:
zmprov createAliasDomain example.com domain.com

The createAliasDomain command does not set the zimbraMailCatchAllForwardingAddress (which was the sole objective in the pre-5.0.16 alias domain). In order to allow message delivery to the alias domain, it is still necessary to explicitly include a forward to the local target domain. 

Usage:
zmprov createAliasDomain {alias-domain-name} {local-domain-name|id} zimbraMailCatchAllForwardingAddress @{local-domain-name|id}  [attr1 value1 [attr2 value2...]]

Example:
zmprov createAliasDomain example.com domain.com zimbraMailCatchAllForwardingAddress @domain.com

Relaying/Domain Forwarding

If you want the Zimbra server to relay all mail destined for a particular domain (say, example.com) to another mta (say, other-mta.domain.com), you can forward the domain. 

zmprov
md example.com zimbraMailCatchAllAddress @example.com
md example.com zimbraMailCatchAllForwardingAddress @example.com 
md example.com zimbraMailTransport smtp:other-mta.domain.com

I think you can also do this as another way to make a sort of local domain alias: 

zmprov
md example.com zimbraMailCatchAllAddress @example.com
md example.com zimbraMailCatchAllForwardingAddress @domain.com 
md example.com zimbraMailTransport lmtp:zimbra.domain.com

For non-zimbra domains, this might prove useful as well: Transport_Table_for_external_servers

Removal of Relaying/Domain Forwarding

If at a later date you wish to remove the domain forwarding/catchall address run the following commands: 

zmprov md domain.com zimbraMailCatchAllAddress ""
zmprov md domain.com zimbraMailCatchAllForwardingAddress ""
zmprov md domain.com zimbraMailTransport lmtp:server.domain.com:7025

Where domain.com is your domain and server.domain.com is the FQDN (Fully Qualified Domain Name) of your Zimbra server.

Domain Catchall

If you want to set up an account "user@domain.com" to catch any mail not delivered to existing users in the domain "domain.com", you can configure the account as a domain catchall. 

su - zimbra
zmprov modifyAccount user@domain.com zimbraMailCatchAllAddress @domain.com

If the users "john@domain.com", "webmaster@domain.com", and "xyznobody@domain.com" don't exist, and mail arrives for them, it will be delivered to the catchall account "user@domain.com". This will increase the amount of spam delivered, and can lead to being blacklisted. To remove the catchall from an email account, unset the catchall address: 

zmprov modifyAccount user@domain.com zimbraMailCatchallAddress ""

Domain Masquerading

If you want mail from user@domain.com or user@zimbra.domain.com to appear to come from user@example.com, you can set the canonical address for the entire domain. 

zmprov md domain.com zimbraMailCatchAllAddress @domain.com zimbraMailCatchAllCanonicalAddress @example.com
zmprov md zimbra.domain.com zimbraMailCatchAllAddress @zimbra.domain.com zimbraMailCatchAllCanonicalAddress @example.com

Additional

out of office notifications

5.0.12+ allows some additional mapping of real to alias in order to:

A) Allow auth with alias domain addresses.

B) Send out-of-office notifications for alias domains. 

zmprov md aliasdomain.com zimbraDomainAliasTargetId {zimbraId-realdomain.com}

single command

5.0.16+ added the ability to do this (above) in one command: 

zmprov createAliasDomain(cad) {alias-domain-name} {local-domain-name|id} [attr1 value1 [attr2 value2...]]

cad sets zimbraDomainType, zimbraDomainAliasTargetId, & zimbraMailCatchAllAddress

(if you want to forward mails from aliasdomain.com to realdomain.com you need to add zimbraMailCatchAllForwardingAddress) 

zmprov cad aliasdomain.com realdomain.com zimbraMailCatchAllForwardingAddress @realdomain.com


Email to non-existant accounts

Currently we automatically accept email for alias domains and then generate a bounce. This has the potential for backscatter abuse and we'd like to close this hole for hosted and still be able to offer alias domains without adding aliases to each account.

/opt/zimbra/conf/zmmta.cf smtpd_reject_unlisted_recipients 'yes' won't work with alias domains, so it's defaulted to no. (Perhaps later we'll flip this.)


However, 5.0.12+ contains a Policyd Daemon that helps those who host alias domains in ZCS. To enable the policy daemon: 

zmlocalconfig -e postfix_enable_smtpd_policyd=yes
zmprov mcf +zimbraMtaRestriction "check_policy_service unix:private/policy"
postfix stop
postfix start

(The + symbol on the zmprov command is important, else you will wipe any other existing values.)

Verified Against: Zimbra Collaboration 7.0, 6.0 Date Created: 04/16/2014
Article ID: https://wiki.zimbra.com/index.php?title=Managing_Domains Date Modified: 2015-07-12



Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Other help Resources

User Help Page »
Official Forums »
Zimbra Documentation Page »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »

Retrieved from "https://wiki.zimbra.com/index.php?title=Managing_Domains&oldid=60097"
Jump to: navigation, search