Well, after some beating my head into the wall (that usually works), I’ve decided to just
set up Ciphermail as a separate server again and set submission and smtps to proxy into
Ciphermail’s smtp. A little hairy, but it works.
The internal domain aliases was really making things difficult.
For the second issue, I am deciding to configure default settings for no encryption
services, and then enable encryption on a per-domain basis. Have not tried anything yet,
but maybe someone has some insight on the best way to accomplish this?
~ Laz Peterson
On Mar 20, 2015, at 8:41 PM, Laz C. Peterson
I’ve got an issue here that I would really appreciate some help with. We are running
Ubuntu 14.04, Postfix, Dovecot and Ciphermail, everything updated — all mail and
authentication services are functioning normal.
First … Dovecot is the LDA and we have virtual users and virtual domains. Some of these
domains are aliases of non-routable Windows AD domains. For example, user(a)email.net
<mailto:email@example.com> -> user(a)email.corp <mailto:firstname.lastname@example.org> …
Ciphermail creates accounts for the internal domain instead of the address that the email
was initially addressed to, and this confuses the users. How do we configure
Ciphermail/Postfix to make sure that Ciphermail processes the account using the alias
domain (what is in the original To:) that the user is familiar with?
Second … Since Ciphermail is running on the same mail server that is accepting incoming
mail from the internet, whether or not it is encrypted, it is still processing the queue.
We have created a tag (“[encrypt]”) that flags an email to be processed by Ciphermail,
with the intention of that function being available for only internal domains — or more
precisely, for SASL authenticated users — but it services encryption for any random
external user or domain as long as they put the same tag in the subject line. How can we
avoid this happening?
Thank you so much for any insight.
~ Laz Peterson
Users mailing list