Re: Question about local delivery

On Oct 10, 2007, at 10:28 AM, Daniel Taylor wrote:

> I'm running the following:
>
> Sun Java(tm) System Messaging Server 6.2-2.05 (built Apr 28 2005) 
> libimta.so 6.2-2.05 (built 20:29:38, Apr 28 2005)
>
> Dirserv 5.2, patch 3.
>
> Short form:
>
> I'm trying to see if it's possible to change the way the MTA handled 
> delivering local messages for a particular domain. Is there a way to 
> configure the MTA to first check if an address exists in its local 
> ldap directory and if so, handle it locally, without making the server 
> "authoritative" for a particular domain? In other words: if 
> user@domain exists on the server, handle it locally; otherwise, send 
> it outbound for delivery.

This is exactly what the domain-level attribute mailRoutingSmartHost is 
for: for addresses in
the domain, the MTA looks up the user in LDAP itself first, but if no 
such user is found then
routes the message to the domain's mailRoutingSmartHost.

Make sure that you have a rewrite rule that will handle the 
mailRoutingSmartHost appropriately
(whether that's routing out a regular tcp_local or tcp_intranet 
channel, or, as is often useful
for such cases, routing out a special tcp_buddydomain sort of channel).

Regards,

Kristin

> Long form (In case there's a better way to do it):
>
> We have two domains, A and B, whose MX points to our virus 
> scanning/spam blocking/outside MTA. Once accepted by that MTA, mail 
> for domain A gets routed to the JES server, while domain B gets routed 
> to the customer's own MTA. In the past, our outside MTA has done 
> address translation, rewriting some addresses in domain B (the 
> customer's MTA) to domain A (the one handled by our MTA.) 
> Unfortunately, that outside MTA is being retired and is being replaced 
> by a new outside MTA incapable of address translation. As a plus, the 
> new MTA is capable of doing address-based routing, so specific 
> addresses can be routed to particular hosts.
>
> So, in an ideal situation, the new MTA would route the domain B 
> addresses that used to be rewritten over to the JES server, which 
> could accept them since the users could have mailalternateaddresses of 
> domain A. In order to make this work, though, the JES MTA must send on 
> any mail for domain B not in its local directory, so that they can be 
> properly routed over to the customer's own MTA.
>
> In practice, the MTA will not attempt a local delivery, but will 
> simply route outbound all mail for domain B, regardless of local 
> directory addresses. This appears, from my read of the admin guide, to 
> be working correctly. The problem is that if the JES server becomes 
> authoritative for domain B, any mail sent via webmail or from 
> expanding groups for non-local domain A addresses will receive a NDR 
> and not reach their destination. If the server isn't authoritative for 
> domain B, it simply routes all the mail for domain B back out to the 
> internet.
>
> Simply rewriting all outbound mail from domain B to domain A won't 
> work, since there's mail for domain B coming out from the messaging 
> server. I can think of some ways to short circuit the NDR process, but 
> I want it to only apply to one domain (domain B.)
>
> So, is there a way to handle this situation using the MTA?
>
> Dan Taylor