About

blackmail.srv.it-syndikat.org is the IT-Syndikat mail enpoint. It handles inbound/outbound mail delivery for ITS- Members/Services.

A webmail interface is available at https://webmail.it-syndikat.org.

Maintainers

Current Maintainers:

@minato @tyrolyean: Mail setup
@tyrolyean: webmail

Technical

The mail system received mail on ports 125 and 466 from the haproxy instance on srv.hc.it-syndikat.org. Outbbound it only delivers mail to srv, which then handles final delivery. This was done to avoid having different paths for outbound and inbound mail, as well as to avoid needing to have good/sane/fine IP-Reputation for the space local networks.

Webmail

For web-access of your avccounts, a roundcube webmail service is available at https://webmail.it-syndikat.org/, which is provisioned on droptek.srv.it-syndikat.org. To update it, download a new tarball from their website and extract it over /var/www/roundcube. Don't forget to backup the config beforehand.

Postfix

Inbound, postfix gets mail from the haproxy instance runnning on srv.srv.it-syndikat.org (the ITS directed wireguard interface on srv.hc.it-syndikat.org). Outbound, it relays mail via postfix on srv.srv.it-syndikat.org which handles final delivery. Mail is being relayed for either the servers net or after ldap auth. Delivered mail is stored in /var/vmail and is owned by the given ldap user.

Aliases

General aliases from /etc/aliases (because debian) are resolved before virtual aliases from /etc/postfix/virtual. Non user specific redirects (i.g. redirects for an entire domain) need to be specified inside the virtual alias table before performing postmap /etc/postfix/virtual. New general aliases can be updated using the newaliases command. For examples, please take a look into the respective files.

Dovecot

We use dovecot to handle IMAP/POP3 mail access. POP3 was needed to allow our discourse to receive e-mail. The meta.it-syndikat.org subdomain was redirected to the meta user for ths purpose.

2 KiB Raw Permalink Blame History