Complex Virtualmin Site Requirement

System Ubuntu 18.04.3 new fresh server.

Objective is to host some internal sites that mirror our internet based sites for email.

Essentially we have a Virtualmin host, let's call it vps1.domain.co.uk, and an internet virtual domain, let's call it domain.co.uk. This domain is out on the net and hosts a website and email.

We want another internal Virtualmin host, let's call it vps2.domain.co.uk, and a virtual domain, let's call it home.domain.co.uk, that will host email and possibly an internal website.

We have records in our external ISP DNS pointing to the correct IPs for the 2 Virtualmin hosts, and MX etc. records for the domain.co.uk virtual host.

The Virtualmin script does not correctly configure DKIM etc., and I had many hours trying to figure out the issues, too many to list here. Milter service not working etc. Suffice to say, at this point I have the home.domain.co.uk virtual domain working and am able to send and receive email securely and use the Roundcube webmail client. BTW the Roundcube installer (1.4.2) does not work OOTB either; I had to download the latest script from the Roundcube site and manually install and configure it. The default subdomains that Virtualmin configures do not work on the Let's Encrypt page, and I had to use simply www.home.domain.co.uk, mail.home.domain.co.uk and home.domain.co.uk to get it to work.

Our email out on the net is contained in the external domain.co.uk virtual server. No clients interact directly with this external server. All email is fetchmailed locally and distributed to the local user on our existing email server, running a different email platform that is now getting a bit old and ready for refresh. Hence wanting to use a Virtualmin hosted system internally to replace it. All users, whether on the local LAN or mobile, connect to the internal server to send and receive mail. We have port forwards on the FW to allow connections through. There is no MX externally configured for this internal server, only the IP address of the Virtualmin host, which is of course also the mailhost for the internal domain home.domain.co.uk.

We are in testing with this. A key requirement is that when an internal client sends an email that is destined outside, it should appear to come from the external domain.co.uk mail server. We have tried configuring Postfix masquerading on the internal Virtualmin Postfix server but it still shows the internal domain information in the headers.

We tried this:

masquerade_domains = domain.co.uk
masquerade_exceptions = administrator, root
masquerade_classes = envelope_recipient, envelope_sender, header_sender, header_recipient

This should change any user@home.domain.co.uk users into user@domain.co.uk users, which are valid on the external email server.

On the existing system we use a canonical name so that everything sent out appears to come from the domain.co.uk and any replies go to the internet based virtual server; there are no replies to the internal server. As far as the internet is concerned this internal mail server does not exist. We then run our spam and virus checking externally before any email is downloaded to the local server, where we check again using other filters etc.

Also, weirdly, when we look at the email out from the internal system using checkers like mxtoolbox and DKIM checkers, it seems to show the public IP address of our internet gateway as the originating email IP and not the IP address which is dedicated to the internal server. So instead of showing the public internal Virtualmin server IP (the one that resolves externally), which is part of our external public IP subnet, it shows the actual gateway IP, e.g. gateway x.x.x.101/29, Virtualmin server x.x.x.100: it shows x.x.x.101 as the originating IP. This causes issues everywhere because the gateway address does not resolve to the Virtualmin server IP and DKIM etc. fail.

I am sure I have something configured wrong. The basics look right. The external IP address is set correctly to x.x.x.100, all DNS entries point to x.x.x.100 etc. I am wondering if the fact that it is a subdomain of domain.co.uk is causing issues, but I am not sure how to troubleshoot that.

I hope I have explained the requirement correctly. The existing setup has been running like this for many years and has been upgraded as Ubuntu and Webmin/Virtualmin have evolved. The external Virtualmin system is very stable and hosts other clients' sites and email; the internal existing mail system is stable but old and now out of any kind of support. In total about 40GB of email is hosted.

Any advice, guidance is appreciated.

Cheers
Spart
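
Added example, not part of the original post and not Postfix code: a small Python model of the masquerade_domains / masquerade_exceptions rule as documented in postconf(5), run over a constructed message, to show which header fields the settings above would rewrite and which they leave alone. The header-field subset, the sample message and the function names are assumptions of this sketch.

```python
# Added example: a model of Postfix address masquerading as documented in
# postconf(5); it is not Postfix code. The sample message is constructed.
from email import message_from_string
from email.utils import formataddr, getaddresses

MASQUERADE_DOMAINS = ["domain.co.uk"]              # value from the post
MASQUERADE_EXCEPTIONS = {"administrator", "root"}  # value from the post
# Assumption: subset of the address fields covered by the header_sender and
# header_recipient classes. Received and Message-ID are not in any class.
ADDRESS_HEADERS = ["From", "Sender", "Reply-To", "To", "Cc"]

SAMPLE = (
    "Received: from laptop.lan (unknown [192.0.2.10])\n"
    "\tby vps2.domain.co.uk (Postfix) with ESMTPSA id 4ABC123\n"
    "Message-ID: <20200101.1234@home.domain.co.uk>\n"
    "From: Alice <alice@home.domain.co.uk>\n"
    "To: bob@example.org\n"
    "Cc: root@home.domain.co.uk\n"
    "Subject: test\n\nbody\n"
)

def masquerade(addr):
    """Strip subdomains below the first matching masquerade_domains entry."""
    local, sep, domain = addr.rpartition("@")
    if not sep or local.lower() in MASQUERADE_EXCEPTIONS:
        return addr
    for entry in MASQUERADE_DOMAINS:      # left to right, first match wins
        name = entry.lstrip("!").lower()
        if domain.lower() == name or domain.lower().endswith("." + name):
            # a "!" prefix means: leave this domain and its subdomains alone
            return addr if entry.startswith("!") else f"{local}@{name}"
    return addr

def rewrite_headers(raw):
    """Apply masquerade() to the address headers only; return the message."""
    msg = message_from_string(raw)
    for field in ADDRESS_HEADERS:
        values = msg.get_all(field)
        if values:
            pairs = getaddresses(values)
            msg.replace_header(
                field, ", ".join(formataddr((n, masquerade(a))) for n, a in pairs))
    return msg

if __name__ == "__main__":
    for field, value in rewrite_headers(SAMPLE).items():
        print(f"{field}: {value}")
```

In this model From becomes alice@domain.co.uk, Cc keeps root@home.domain.co.uk because of masquerade_exceptions, and the Received and Message-ID lines still carry the internal host and domain names.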

Bump. I really need some guidance on this and any help would be appreciated.

Cheers
Spart
