[SOLVED] Zentyal as an internal mail server - configuration options?

[roswitina]

I want to solve the following situation with Zentyal:
Zentyal will be taking over an internal network's mail management. Zentyal is behind a firewall and is not a separate mail server with a domain name to be.

Zentyal is like to manage multiple e-mail addresses, while the mails at the respective POP3 account with fetchmail.

Example: user1@gmx.net from extern to -> user1@local.domain intern

Furthermore, it should be possible to send mails from Zentyal via webmail or client (Outlook, Thunderbird, etc) as an external user (eg user1@gmx.net).

Can I realize my desires with Zentyal? If so, how and what I need to adjust where please? I have already made ​​several attempts but I always failed because the mails with Zentyal not Fear is an alias user.

I found  the follow lines in /var/log/zentyal/mail.log

NOQUEUE: reject: RCPT from unknown[192.168.1.1]: 553 5.7.1 <bbb@gmx.at>: Sender address rejected: not owned by user aaa@local-domain; from=<bbb@gmx.at> to=<irgendwas@mail.adresse> proto=ESMTP helo=<[192.168.1.2]>

Thanks for the help and advice
Rosi

translate by google 

[christian]

Google translation is perhaps not the most accurate because there is a couple of things I don't understand very well.
What is your native language ? there is a German forum here too.

Anyway, let's try to help 

May I ask you if @local.domain is an hard-coded constraint ?
If not, you could set-up Zentyal with same "gmx.net" mail domain, this to be sure that users will have sender mail address (and BTW reply-to mail address) matching mail domain that can be reached outside, f.urthermore, reaching gmx.net mailbox as this is your requirement

In order to do so, you could simply define @gmx.net as Zentyal domain... but... what if one of your users try to send an email to someone else, not part of your organization ?

There is, as far as I know, no masquerading option with current Zentyal design, meaning you can't accept mail from "user1@local.domain" and rewrite it as "user2@gmx.at" while sent by Zentyal postfix server.

Technically speaking, this can be done but this requires 2 kind of hacking:
- hook postfix conf to implement masquerading (perhaps not that difficult)
- hack account management GUI to allow additional LDAP attribute that will contain mail address to be used when masquerading: to me this is a bit more difficult (LDAP part is not complex but requires to understand how Zentyal deals with schemas) + some dev for web interface.

Let me think about all of this further 

[roswitina]

I solved the problem for my needs. 

I commented out the line

smtpd_sender_restrictions=reject_authenticated_sender_login_mismath

with a # in the file

/etc/share/zentyal/stubs/mail/mail.cf.mas

so zentyal after a reboot, the correct values ​​writes to the file

/etc/postfix/master.cf

Now I can send a mail with a Client (Outlook, Thunderbird, Opera etc..) as a alias-user (alias mail-address) from the internal net. My zentyal only works in a internal net and are behind a firewall.

regards
Rosi

[christian]

Sure but doing so, you don't have any central control of what users can do (like spam e.g.) as sender's email address is the one defined at mail client level.
However if it fits your need... 

[donmay]

So please then what is the best way to solve this problem if i may ask.
I have been having this problem with zentyal and i don't seem to also know how to solve them.With windows small businees server 2008.one just creates the internal domain and the users who connect with outlook or thunderbird just send an email to eg
example@gmail.com and instead of test@localdomain.local appearing users see test@telekom.de...how can one achieve this with zentyal and when one is sending to a local address it automatical forwards it there.

[christian]

The way you did it is perhaps the best one given constraints you express.
With current Zentyal version, because Zentyal can't enforce sender mail address with something else than "mail" attribute linked to domain, it will not work because you want/need such mail address to be an existing domain on internet pointing to MX that is not your.