[GH-ISSUE #986] Possible to use as a front end mail gateway and NOT a complete mail system?

kerem commented

2026-02-27 11:13:49 +03:00

Owner

Originally created by @ravensorb on GitHub (Dec 10, 2016).
Original GitHub issue: https://github.com/modoboa/modoboa/issues/986

I am considering switching from ASSP to modoboa and I was curious if it is possible to setup things up so that modoboa is configured as a mail gateway with all mail (and users) residing on another system (like xmail or hMailServer)?

I know that I can do this with postfix and setting up relay_domains, relay_receipients, and transport configuration files, The question is -- will modoboa continue to work with this confirmation (including support for quarantine)?

Originally created by @ravensorb on GitHub (Dec 10, 2016). Original GitHub issue: https://github.com/modoboa/modoboa/issues/986 I am considering switching from ASSP to modoboa and I was curious if it is possible to setup things up so that modoboa is configured as a mail gateway with all mail (and users) residing on another system (like xmail or hMailServer)? I know that I can do this with postfix and setting up relay_domains, relay_receipients, and transport configuration files, The question is -- will modoboa continue to work with this confirmation (including support for quarantine)?

kerem closed this issue

2026-02-27 11:13:49 +03:00

kerem commented

2026-02-27 11:13:50 +03:00

Author

Owner

@tonioo commented on GitHub (Dec 11, 2016):

Yes, it will continue to work and you can even declare relay domains from Modoboa.

@tonioo commented on GitHub (Dec 11, 2016): Yes, it will continue to work and you can even declare relay domains from Modoboa.

kerem commented

2026-02-27 11:13:50 +03:00

Author

Owner

@ravensorb commented on GitHub (Dec 11, 2016):

Awesome! Any advice on setting it up? Do I need to "sync" users to the database? How can I set SMTP auth up to use the internal mail server? How can I define the "routing rules" for the virtual domains?

@ravensorb commented on GitHub (Dec 11, 2016): Awesome! Any advice on setting it up? Do I need to "sync" users to the database? How can I set SMTP auth up to use the internal mail server? How can I define the "routing rules" for the virtual domains?

kerem commented

2026-02-27 11:13:50 +03:00

Author

Owner

@tonioo commented on GitHub (Dec 11, 2016):

You don't need to sync anything, I suggest you start by creating a relay domain from the web interface, you should be asked for a destination (IP of hostname). I think that's what you call "routing rule"?
About the authentication, you can replace the default socket based authentication by a TCP one (ex: http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL)

@tonioo commented on GitHub (Dec 11, 2016): You don't need to sync anything, I suggest you start by creating a relay domain from the web interface, you should be asked for a destination (IP of hostname). I think that's what you call "routing rule"? About the authentication, you can replace the default socket based authentication by a TCP one (ex: http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL)

kerem commented

2026-02-27 11:13:50 +03:00

Author

Owner

@ravensorb commented on GitHub (Dec 11, 2016):

Ok, I already have SASL up and working on my current gateway. So if I configure SASL to use my existing internal SMTP servers I should be good? If I do that, and change the configure to point to my internal IMAP servers, do I even need dovecot anymore?

@ravensorb commented on GitHub (Dec 11, 2016): Ok, I already have SASL up and working on my current gateway. So if I configure SASL to use my existing internal SMTP servers I should be good? If I do that, and change the configure to point to my internal IMAP servers, do I even need dovecot anymore?

kerem commented

2026-02-27 11:13:50 +03:00

Author

Owner

@tonioo commented on GitHub (Dec 11, 2016):

According to your use case, you don't need dovecot.

@tonioo commented on GitHub (Dec 11, 2016): According to your use case, you don't need dovecot.

kerem commented

2026-02-27 11:13:50 +03:00

Author

Owner

@ravensorb commented on GitHub (Dec 11, 2016):

Would users still be able to manage their quarantine? And would I need to give them individual accounts or will they be able to login using their SMTP credentials?

@ravensorb commented on GitHub (Dec 11, 2016): Would users still be able to manage their quarantine? And would I need to give them individual accounts or will they be able to login using their SMTP credentials?

kerem commented

2026-02-27 11:13:50 +03:00

Author

Owner

@tonioo commented on GitHub (Dec 12, 2016):

If you want users to manage their quarantine then Modoboa must know them, ie. you each must have a local account in order to authenticate...
An SMTP authentication plugin might be a good idea in this case (like the LDAP one), what do you think?

@tonioo commented on GitHub (Dec 12, 2016): If you want users to manage their quarantine then Modoboa must know them, ie. you each must have a local account in order to authenticate... An SMTP authentication plugin might be a good idea in this case (like the LDAP one), what do you think?

kerem commented

2026-02-27 11:13:50 +03:00

Author

Owner

@ravensorb commented on GitHub (Dec 12, 2016):

An SMTP auth plugin would be a great idea :)

@ravensorb commented on GitHub (Dec 12, 2016): An SMTP auth plugin would be a great idea :)

kerem commented

2026-02-27 11:13:50 +03:00

Author

Owner

@dragon2611 commented on GitHub (Dec 21, 2016):

When creating the relay domain there is the option between "relay" and "smtp" but also a scan button (which seems to just load a blank page), However no where does it say what the difference between the options is.

@dragon2611 commented on GitHub (Dec 21, 2016): When creating the relay domain there is the option between "relay" and "smtp" but also a scan button (which seems to just load a blank page), However no where does it say what the difference between the options is.

kerem commented

2026-02-27 11:13:50 +03:00

Author

Owner

@tonioo commented on GitHub (Dec 21, 2016):

The 'service' corresponds to what is available inside postfix master.cf file. 'smtp' and 'relay' are always available. The 'scan' button tells Modoboa to parse this file in order to find additional services. I think you can choose the relay option.

@tonioo commented on GitHub (Dec 21, 2016): The 'service' corresponds to what is available inside postfix master.cf file. 'smtp' and 'relay' are always available. The 'scan' button tells Modoboa to parse this file in order to find additional services. I think you can choose the relay option.

kerem commented

2026-02-27 11:13:50 +03:00

Author

Owner

@dragon2611 commented on GitHub (Dec 21, 2016):

Ah OK,

Eventually the accounts will be local anyway, but for now there is an existing server handling the actual email so the plan is for those domains to have modoboa act as the front end SMTP server and do spam filtering/scanning then passing it back to that server.

Presumably when I'm ready to switch I just change the domain type, or is it better to delete it and then re-add it.

Is it possible to have a hybrid setup (I.e if the mailbox exists locally use it otherwise relay)

@dragon2611 commented on GitHub (Dec 21, 2016): Ah OK, Eventually the accounts will be local anyway, but for now there is an existing server handling the actual email so the plan is for those domains to have modoboa act as the front end SMTP server and do spam filtering/scanning then passing it back to that server. Presumably when I'm ready to switch I just change the domain type, or is it better to delete it and then re-add it. Is it possible to have a hybrid setup (I.e if the mailbox exists locally use it otherwise relay)

kerem commented

2026-02-27 11:13:50 +03:00

Author

Owner

@tonioo commented on GitHub (Dec 21, 2016):

Changing the domain should be fine.

On 21/12/2016 17:56, dragon2611 wrote:

Ah OK,

Eventually the accounts will be local anyway, but for now there is an
existing server handling the actual email so the plan is for those
domains to have modoboa act as the front end SMTP server and do spam
filtering/scanning then passing it back to that server.

Presumably when I'm ready to switch I just change the domain type, or
is it better to delete it and then re-add it.

—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
https://github.com/modoboa/modoboa/issues/986#issuecomment-268574872,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AAgc7kMNdgoTAFVTWY8vHGxeNjd2scbjks5rKVo6gaJpZM4LJtL_.

@tonioo commented on GitHub (Dec 21, 2016): Changing the domain should be fine. On 21/12/2016 17:56, dragon2611 wrote: > > Ah OK, > > Eventually the accounts will be local anyway, but for now there is an > existing server handling the actual email so the plan is for those > domains to have modoboa act as the front end SMTP server and do spam > filtering/scanning then passing it back to that server. > > Presumably when I'm ready to switch I just change the domain type, or > is it better to delete it and then re-add it. > > — > You are receiving this because you commented. > Reply to this email directly, view it on GitHub > <https://github.com/modoboa/modoboa/issues/986#issuecomment-268574872>, > or mute the thread > <https://github.com/notifications/unsubscribe-auth/AAgc7kMNdgoTAFVTWY8vHGxeNjd2scbjks5rKVo6gaJpZM4LJtL_>. >

kerem commented

2026-02-27 11:13:50 +03:00

Author

Owner

@dragon2611 commented on GitHub (Dec 21, 2016):

It's set as relay at the moment but looking at the postfix logs I seem to just return 450 service tempoarilly unavailable

Edit: Ahh looks like it might just have been delay/greylisting.

@dragon2611 commented on GitHub (Dec 21, 2016): It's set as relay at the moment but looking at the postfix logs I seem to just return 450 service tempoarilly unavailable Edit: Ahh looks like it might just have been delay/greylisting.

kerem commented

2026-02-27 11:13:50 +03:00

Author

Owner

@tonioo commented on GitHub (Dec 21, 2016):

Can you paste your logs somewhere?

@tonioo commented on GitHub (Dec 21, 2016): Can you paste your logs somewhere?

kerem commented

2026-02-27 11:13:50 +03:00

Author

Owner

@dragon2611 commented on GitHub (Dec 21, 2016):

emailed to you providing they don't get eaten by a spam filter

@dragon2611 commented on GitHub (Dec 21, 2016): emailed to you providing they don't get eaten by a spam filter

kerem commented

2026-02-27 11:13:50 +03:00

Author

Owner

@tonioo commented on GitHub (Dec 21, 2016):

Which address?

@tonioo commented on GitHub (Dec 21, 2016): Which address?

kerem commented

2026-02-27 11:13:50 +03:00

Author

Owner

@dragon2611 commented on GitHub (Dec 21, 2016):

The one that was in your profile.

@dragon2611 commented on GitHub (Dec 21, 2016): The one that was in your profile.

kerem commented

2026-02-27 11:13:50 +03:00

Author

Owner

@dragon2611 commented on GitHub (Dec 21, 2016):

It looks like if postscreen does any greylisting it doesn't play nice with o365 https://talk.plesk.com/threads/greylist-high-delays-from-protecction-outlook-com-and-others.334180/

https://talk.plesk.com/threads/enabling-postscreen-breaks-usr-local-psa-admin-sbin-mchk-command.333516/#post-781803

@dragon2611 commented on GitHub (Dec 21, 2016): It looks like if postscreen does any greylisting it doesn't play nice with o365 https://talk.plesk.com/threads/greylist-high-delays-from-protecction-outlook-com-and-others.334180/ https://talk.plesk.com/threads/enabling-postscreen-breaks-usr-local-psa-admin-sbin-mchk-command.333516/#post-781803

kerem commented

2026-02-27 11:13:50 +03:00

Author

Owner

@tonioo commented on GitHub (Dec 22, 2016):

Indeed, I don't see anything strange in your log file. You can try to whitelist o365 IPs at postscreen level.

@tonioo commented on GitHub (Dec 22, 2016): Indeed, I don't see anything strange in your log file. You can try to whitelist o365 IPs at postscreen level.

kerem commented

2026-02-27 11:13:50 +03:00

Author

Owner

@dragon2611 commented on GitHub (Dec 22, 2016):

Where does the installer put the config file?

Sent from Ninehttp://www.9folders.com/

From: Antoine Nguyen notifications@github.com
Sent: 22 Dec 2016 12:02
To: modoboa/modoboa
Cc: Matthew Pease; Comment
Subject: Re: [modoboa/modoboa] Possible to use as a front end mail gateway and NOT a complete mail system? (#986)

Indeed, I don't see anything strange in your log file. You can try to whitelist o365 IPs at postscreen level.

You are receiving this because you commented.
Reply to this email directly, view it on GitHubhttps://github.com/modoboa/modoboa/issues/986#issuecomment-268785979, or mute the threadhttps://github.com/notifications/unsubscribe-auth/AF5ht9JsJPflIw7_zdDteH8-e_GrsDosks5rKmbAgaJpZM4LJtL_.

@dragon2611 commented on GitHub (Dec 22, 2016): Where does the installer put the config file? Sent from Nine<http://www.9folders.com/> ________________________________ From: Antoine Nguyen <notifications@github.com> Sent: 22 Dec 2016 12:02 To: modoboa/modoboa Cc: Matthew Pease; Comment Subject: Re: [modoboa/modoboa] Possible to use as a front end mail gateway and NOT a complete mail system? (#986) Indeed, I don't see anything strange in your log file. You can try to whitelist o365 IPs at postscreen level. - You are receiving this because you commented. Reply to this email directly, view it on GitHub<https://github.com/modoboa/modoboa/issues/986#issuecomment-268785979>, or mute the thread<https://github.com/notifications/unsubscribe-auth/AF5ht9JsJPflIw7_zdDteH8-e_GrsDosks5rKmbAgaJpZM4LJtL_>.

kerem commented

2026-02-27 11:13:50 +03:00

Author

Owner

@tonioo commented on GitHub (Dec 22, 2016):

At the regular place: /etc/postfix/main.cf.

On 22/12/2016 13:14, dragon2611 wrote:

Where does the installer put the config file?

Sent from Ninehttp://www.9folders.com/

From: Antoine Nguyen notifications@github.com
Sent: 22 Dec 2016 12:02
To: modoboa/modoboa
Cc: Matthew Pease; Comment
Subject: Re: [modoboa/modoboa] Possible to use as a front end mail
gateway and NOT a complete mail system? (#986)

Indeed, I don't see anything strange in your log file. You can try to
whitelist o365 IPs at postscreen level.

You are receiving this because you commented.
Reply to this email directly, view it on
GitHubhttps://github.com/modoboa/modoboa/issues/986#issuecomment-268785979,
or mute the
threadhttps://github.com/notifications/unsubscribe-auth/AF5ht9JsJPflIw7_zdDteH8-e_GrsDosks5rKmbAgaJpZM4LJtL_.

—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
https://github.com/modoboa/modoboa/issues/986#issuecomment-268787719,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AAgc7uaW-F36QBym6PkEspCrjIFPPGeGks5rKmmTgaJpZM4LJtL_.

@tonioo commented on GitHub (Dec 22, 2016): At the regular place: /etc/postfix/main.cf. On 22/12/2016 13:14, dragon2611 wrote: > Where does the installer put the config file? > > Sent from Nine<http://www.9folders.com/> > ________________________________ > From: Antoine Nguyen <notifications@github.com> > Sent: 22 Dec 2016 12:02 > To: modoboa/modoboa > Cc: Matthew Pease; Comment > Subject: Re: [modoboa/modoboa] Possible to use as a front end mail > gateway and NOT a complete mail system? (#986) > > > Indeed, I don't see anything strange in your log file. You can try to > whitelist o365 IPs at postscreen level. > > - > You are receiving this because you commented. > Reply to this email directly, view it on > GitHub<https://github.com/modoboa/modoboa/issues/986#issuecomment-268785979>, > or mute the > thread<https://github.com/notifications/unsubscribe-auth/AF5ht9JsJPflIw7_zdDteH8-e_GrsDosks5rKmbAgaJpZM4LJtL_>. > > — > You are receiving this because you commented. > Reply to this email directly, view it on GitHub > <https://github.com/modoboa/modoboa/issues/986#issuecomment-268787719>, > or mute the thread > <https://github.com/notifications/unsubscribe-auth/AAgc7uaW-F36QBym6PkEspCrjIFPPGeGks5rKmmTgaJpZM4LJtL_>. >

kerem commented

2026-02-27 11:13:50 +03:00

Author

Owner

@almereyda commented on GitHub (Jan 15, 2017):

For us it is also neccessary to use Modoboa as a front-end mail gateway in front of various listserv instances, i.e. mailman, sympa and alike.

Unfortunately it is not perfectly clear how to:

set up a relay host which uses a non standard port
i.e. putting lists.allmende.io:1025 for debug reasons creates a transport rule to [lists.allmende.io:1025] instead of [lists.allmende.io]:1025
have incoming mail to the relay domain passed without checking for existing accounts
i.e. answering to a mailman confirm message returns Recipient address rejected: unverified address: unknown mail transport error; in the mail log.

This needs better overall documentation, as the official one is silent on these subjects.
In the future, also the sending route should work via SASL auth to Modoboa, transparently accepting all sender addresses after authentication for that domain.

Sender alias for such an account would just need to be @relay.domain?
Local mailboxes and aliases are preferred over relaying?

@almereyda commented on GitHub (Jan 15, 2017): For us it is also neccessary to use Modoboa as a front-end mail gateway in front of various listserv instances, i.e. mailman, sympa and alike. Unfortunately it is not perfectly clear how to: * set up a relay host which uses a non standard port i.e. putting `lists.allmende.io:1025` for debug reasons creates a transport rule to `[lists.allmende.io:1025]` instead of `[lists.allmende.io]:1025` * have incoming mail to the relay domain passed without checking for existing accounts i.e. answering to a mailman confirm message returns `Recipient address rejected: unverified address: unknown mail transport error;` in the mail log. This needs better overall documentation, as the official one is silent on these subjects. In the future, also the sending route should work via `SASL` auth to Modoboa, transparently accepting all sender addresses after authentication for that domain. - Sender alias for such an account would just need to be `@relay.domain`? - Local mailboxes and aliases are preferred over relaying?

kerem commented

2026-02-27 11:13:50 +03:00

Author

Owner

@tonioo commented on GitHub (Jan 16, 2017):

@almereyda The rule is improperly generated because modoboa does not split host and port information for now, that's something pretty easy to fix. About recipient address verification, just uncheck the "Verify recipients" option and you're done.
About the other part of your, I'm not sure to understand it...

@tonioo commented on GitHub (Jan 16, 2017): @almereyda The rule is improperly generated because modoboa does not split host and port information for now, that's something pretty easy to fix. About recipient address verification, just uncheck the "Verify recipients" option and you're done. About the other part of your, I'm not sure to understand it...

kerem commented

2026-02-27 11:13:50 +03:00

Author

Owner

@tonioo commented on GitHub (Jan 19, 2017):

@ravensorb The SMTP authentication backend is done and will be released with 1.7.0.
@almereyda I've fixed the relaydomain bug (wrong syntax when using a port).
I close this issue, do not hesitate to open new ones if needed.

@tonioo commented on GitHub (Jan 19, 2017): @ravensorb The SMTP authentication backend is done and will be released with 1.7.0. @almereyda I've fixed the relaydomain bug (wrong syntax when using a port). I close this issue, do not hesitate to open new ones if needed.

Rows
Columns

[GH-ISSUE #986] Possible to use as a front end mail gateway and NOT a complete mail system? #835