Hybrid gmail MX + postfix for local accounts

Here's the setup:

We have a domain, mydomain.com. Everything is on our own server, except general email accounts which are through gmail.

Currently gmail is set as the MX record.

The server also has various email aliases it needs to support for bug trackers and such. e.g. [email protected] |/path/to/issuetracker.script

I'm struggling with a setup that allows the following, both locally and from users' email clients.

  1. guser1 - has a gmail account and a local account
  2. guser2 - only has a gmail account
  3. bugs - has a pipe alias in /etc/aliases for issue tracker

Scenarios

So, the first stab was creating a transport map. In this scenario, our server would be set as the MX and guser* destined emails are sent to gmail. Put the gmail users in a map like so:

[email protected] smtp:gmailsmtp:25
[email protected] smtp:gmailsmtp:25

Problems:

  • Ignores extensions such as [email protected]
  • Only works if append_at_myorigin = no (if set to yes, gmail refuses to connect with: E4C7E3E09BA3: to=, relay=none, delay=0.05, delays=0.02/0.01/0.02/0, dsn=4.4.1, status=deferred (connect to gmail-smtp-in.l.google.com[209.85.222.57]:25: Connection refused))
  • since append_at_myorigin is set to no, all received emails have (unknown sender)

The second stab was to set explicit localhost aliases in /etc/aliases and do a domain wide forward on mydomain. This too requires setting the local server as the MX:

root: root@localhost
# transport
mydomain.com smtp:gmailsmtp:25

Problems:

  • If I create a transport map for a domain that matches "$myhostname", the aliases file is never parsed. So when a local user (or daemon) sends an email like:

mail -s "testing" root < text.txt

Postfix ignores the /etc/alias entry and maps to [email protected] and attempts to send it to the gmail transport mapping.

Third stab:

Create a subdomain for the bugs, something like bugs.mydomain.com. Set the MX for this domain to local server and leave the MX for mydomain.com to the Gmail server.

Problems:

  • Does not solve the issue with local accounts. So when the bug tracker responds to an email from [email protected], it uses a local transport and the user never receives the email.

% postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_at_myorigin = no
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
inet_interfaces = all
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
mydestination = $myhostname, localhost.$myhostname, localhost
myhostname = mydomain.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relayhost = 
smtp_tls_cert_file = /etc/ssl/certs/kspace.pem
smtp_tls_enforce_peername = no
smtp_tls_key_file = /etc/ssl/certs/kspace.pem
smtp_tls_note_starttls_offer = yes
smtp_tls_scert_verifydepth = 5
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_recipient_restrictions = permit_mynetworks,   reject_invalid_hostname,   reject_non_fqdn_sender,   reject_non_fqdn_recipient,   reject_unknown_sender_domain,   reject_unknown_recipient_domain,   reject_unauth_destination
smtpd_tls_ask_ccert = yes
smtpd_tls_req_ccert = no
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport

Switch to virtual. Read the VIRTUAL Docs by postfix. You have a lot more control that way.

main.cf:

virtual_alias_maps = hash:/etc/postfix/virtual
virtual_mailbox_maps = hash:/etc/postfix/virtualmailboxmap
virtual_mailbox_domains = mydomain.com
virtual_transport = local:

virtual, list all users you have

localuser  localuser
somealias  localuser
guser1     [email protected],guser1
bugs       [email protected]

virtualmailboxmap, list all localusers, right hand side does not matter!

 localuser   rhsunused
 guser1      rhsunused

transport:

 mydomain.com      local:
 gmail.mydomain.com smtp:gmailsmtp:25
 issuetracker.mydomain.com smtp:[issuetracker ip]:25

I had this with a cyrus: transport for local accounts. I know this is not a complete answer to all your questions, but it could be a start.
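
Added example, not from the question or the answer: a small Python model of the search order that transport(5) documents for indexed tables (full address, address with the extension removed, domain, then *), for checking offline which entry of a transport table a recipient would match. The table contents are constructed from the page's user names, domain and next hop; .domain parent patterns are not modelled, and recipient_delimiter is taken as + as in the postconf output above.

```python
"""Simplified model of the transport(5) table search order (added example)."""

# Constructed sample table in transport(5) format: "pattern transport:nexthop".
SAMPLE_TABLE = """
# per-user entries (addresses constructed from the page's names)
guser1@mydomain.com   smtp:gmailsmtp:25
guser2@mydomain.com   smtp:gmailsmtp:25
mydomain.com          local:
"""


def parse_table(text):
    """Parse table text into {pattern: result}; keys are folded to lowercase."""
    table = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        pattern, result = line.split(None, 1)
        table[pattern.lower()] = result.strip()
    return table


def candidate_keys(recipient, delimiter="+"):
    """Lookup keys in search order; an empty delimiter disables extensions."""
    local, at, domain = recipient.lower().rpartition("@")
    if not at or not local:
        raise ValueError("recipient must be a fully qualified user@domain")
    keys = [f"{local}@{domain}"]
    # An extension starts at the first delimiter that is not the first character.
    idx = local.find(delimiter, 1) if delimiter else -1
    if idx > 0:
        keys.append(f"{local[:idx]}@{domain}")
    keys += [domain, "*"]
    return keys


def resolve(recipient, table, delimiter="+"):
    """Return (matched_pattern, result), or (None, None) if nothing matches."""
    for key in candidate_keys(recipient, delimiter):
        if key in table:
            return key, table[key]
    return None, None


if __name__ == "__main__":
    table = parse_table(SAMPLE_TABLE)
    for rcpt in ("guser1+lists@mydomain.com", "bugs@mydomain.com"):
        print(rcpt, "->", resolve(rcpt, table))
```

On a live server, postmap -q with each candidate key against hash:/etc/postfix/transport shows what the real table returns for that key.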