0

The place I work at is currently using Postfix/Dovecot on CentOS 6 for our mail. We will be migrating to Exchange 2013 on Windows Server 2012 in the future. I have been put in charge of this task and I (obviously) would like the migration to go as smooth as possible.

The problem is, there doesn't seem to be much documentation for such a migration. At least, not with Exchange 2013. That being said, I have a couple questions.

I would like to keep our current mail server as a relay host, as it has a spam filter on it that we like. To my understanding, if I want to accomplish this, all I need to do is add this line to my main.cf: 

relayhost = ExchangeServer.domain.com

Then add the mail server as a trusted server in exchange. Is that correct?

My other question is; is there any way to keep all my users email? From my research, it was possible in Exchange 2003 and 2007. But it does not appear to be directly possible with Exchange 2013 without purchasing an enterprise solution, which I would like to avoid.
I see from this post that imapsync may be a viable option. But, my understanding is that that tool doesn't work for exchange (also it's a paid solution).

Any help is appreciated.

Community
  • 1
Chris Powell
  • 300
  • 1
  • 4
  • 17
  • 2
    Exchange **does** come with IMAP support still, correct? If so, then you can use the free/open-source imapsync to copy users' mail via IMAP. – EEAA Sep 10 '13 at 19:58
  • I suppose that's my bad for not looking that up. Just checked, you're right. It does come with IMAP support. So I guess that takes care of the second question. Thanks. – Chris Powell Sep 10 '13 at 20:09
  • You should also make your postfix gateway know/check valid recipients at the internal mail server(s). Otherwise it is going to generate backscatters (bounce email to faked spam senders). – AnFi Sep 10 '13 at 20:42

1 Answers1

2

Listing your exchange server within main.cf as relayhost is almost enough: Due to the way Postfix treats Address Classes, the relayhost will never be used when Postfix thinks it's the final destination for incoming mail (i.e. the recipient domain is within mydestination, virtual_mailbox_domains and so on).

So, what you will need to do is actually move the domain in question to relay_domains (and if you had a transport_maps that specified a non-standard transport for it, get rid of this entry, too).

This just leaves you with a single problem: Verifying that a recipient actually exists on the Exchange server. If you can query AD/LDAP, then no problem, just set relay_recipient_maps. If not, you'll need to use recipient verification. Assuming mail for example.com should be relayed to the Exchange server:

smtpd_restriction_classes = relay_verification
relay_verification = check_unverified_recipient
# if Postfix > 2.10, you can also do this in smtpd_relay_restrictions
smtpd_recipient_restrictions =
  ...
  check_recipient_access hash:/etc/postfix/relay_verification
  ...

And in /etc/postfix/relay_verification:

example.com  relay_verification

For the second part of your question, stick to imapsync or similar tools.

Stefan Förster
  • 1,151
  • 5
  • 8