O=isp vs dc=domain, dc=com

when installing the JES - the instructions suggest using o=isp instead of the default dc=domain, dc=com
does this matter? i am more familair with the default.
does this have any affect on organization, e.g. when you add new domains is it better for them to appear under o=isp, etc.?
thanks,
s7

dc=xx,dc=yy makes sense in schema 1, where there's a dc tree. But in native schema 2, there's a flat list of domains. Each entry has all the properties for that domain. If you have a tree of dc's, it isn't used as a tree. It's going to find the math dept by doing a lookup with (sunpreferreddomain=math.rutgers.edu), assuming that their domainname is math.rutgers.edu. Of course you could have that attribute on a DN called dc=math,dc=rutgers,dc=edu. But a flat structure reflects what is going on better:
o=rutgers.edu, o=rulink-top
o=math.rutgers.edu, o=rulink-top
o=scarletknights.org, o=rulink-top
Incidentally, what are you going to do if you have domains that don't all end in the same suffix, as in this example? It's hard to do that in a single tree (though you could stick an extra top level suffix on).
I interpreted the "isp" in o=isp as meaning an identifier for the overall organization running the server, i.e. the ISP, as opposed to the customer domains. Originally I used o=rutgers.edu as the top level, but the installer didn't like a default domain of o=rutgers.edu,o=rutgers.edu. Thus I want to something that I know will never be the name of any domain we support. However using the actual text o=isp would work fine.

Similar Messages

Unable to Create Alias Entry

I have setup a new sever with Comm Suite on it. I recreated the user in the ldap sever and imported their email and calendar data. Everything is working great except one pesky problem. I changed the ldap structure in the new server to o=isp from dc=domain,dc=com in the old. My problem is that we have a lot of other servers that authenticate using the ldap server and I need to some how alias dc=domain,dc=com to point at o=isp but the ldap server keeps giving me the message.
adding new entry dc=domain,dc=com
ldap_add: No such object
I'm using Directory Server 6.0
Thanks for any help.
Josh

Hi,
1.) I was wondering what the command looks like that you are entering?
2.) Is o=isp at the top of the Directory Tree?
3.) Is dc=domain,dc=com at the top of the old Directory Tree?
RFC 4512 has some discussion about alias entries and RFC 4517 has info about DN matching rule syntax. http://www.ietf.org/
(Ran into this while researching SSL & LDAP and remembered seeing your post about alias question.)
John

How to configure a COM domain, IPv4 and IPv6

Hi,
I am a new user on the Mac Server, but I have experience in Linux, my problem would be to understand how I configure the Mac Mini Server during installation or after installation, to assign a COM domain.
I would like to configure only the service Apache, FTP, MySQL.
My internet provider, today provided me 4 static IPs IPv4 and 4 IPv6, to use, now I want also to configure two local DNS if possible:
IPv4:
www.mydomain.com
ftp.mydomain.com
mysql.mydomain.com
IPv6:
www6.mydomain.com
For if I can configure DNS in Dual Stack or if I have to record them in a different way.
A control panel is currently not able to find it, you can advise me if something is well accepted, the important it is for business use as I would like to configure the server is for private use.
I hope I was clear, I'm sorry but I do not speak perfect English.
Thanks in advance to all.

To be clear, in your example you only have one domain - mydomain.com - all the other entries are just host records within that domain.
For your IPv4 hosts just add standard A records:
ftp A 1.2.3.4
www A 1.2.3.5
mysql A 1.2.3.6
For your IPv6 hosts just add AAAA records:
www6 AAAA 1234::ab:cd:ef
I seriously doubt you want to put your MySQL server on a public IP address, though, so I'd look carefully at your network setup before going much further.

How to let mmp_smtp support virtual domain authentication by user/pass

my mmp had configured 2 virtual domain ,one is mmp1.soft.com,other is mmp2.soft.com
i can send mail by mmp use the user/pass format : mmp1user/pass , which is sotred in o=mmp1.soft.com,o=isp in ldap,and the format [email protected]/pass which is stored in o=mmp2.soft.com,o=isp in ldap,
but i can't send mail use the format: mmp2user/pass.
the pop is work fine.
the following is my config file:
more PopProxyAService.cfg
default:LdapUrl "ldap://mmp1.soft.com:389/o=internet"
default:LogDir /var/Sun/ims52/mmp-mail2/log
default:LogLevel 10
default:BindDN "cn=Directory Manager"
default:BindPass "soft"
default:BacksidePort 8110
default:ConnLimits 0.0.0.0|0.0.0.0:20
default:VirtualDomainFile /var/Sun/ims52/mmp-mail2/vdmap.cfg
default:DefaultDomain mmp1.oft.com
default:SearchFormat (uid=%U)
default:VirtualDomainDelim @
default:CanonicalVirtualDomainDelim @
default:AuthCacheTTL 1
default:LdapCacheTTL 1
default:HostedDomains yes
more vdmap.cfg
vdmap mmp2 192.192.192.192
mmp2:DefaultDomain mmp2.soft.com
mmp2:BindDN "cn=Directory Manager"
mmp2:BindPass "oft"
mmp2:LdapUrl "ldap://mmp2.soft.com:389/o=internet"
more SmtpProxyAService.cfg
default:LdapUrl "ldap://mmp1.soft.com:389/o=internet"
default:LogDir /var/Sun/ims52/mmp-mail2/log
default:LogLevel 10
default:BindDN "cn=Directory Manager"
default:BindPass "soft"
default:ConnLimits 0.0.0.0|0.0.0.0:20
default:VirtualDomainFile /var/Sun/ims52/mmp-mail2/vdmapsmtp.cfg
default:DefaultDomain mmp2.soft.com
default:SmtpProxyPassword soft..ssl
default:LdapCacheTTL 1
default:SmtpRelays mmp1
more vdmapsmtp.cfg
vdmap mmp2 192.192.192.192
mmp2:DefaultDomain mmp2.soft.com
mmp2:BindDN "cn=Directory Manager"
mmp2:BindPass "soft"
mmp2:LdapUrl "ldap://mmp.soft.com:389/o=internet"
mmp2:LdapCacheTTL 1
mmp2:AuthCacheTTL 1
mmp2:SearchFormat (uid=%s)what's the error with my configuration?
Does the virtual domain is supproted by mmp_smtp,and does user can auth to smtp by user/pass ,but not by user@domain/pass ?
thanks in advance!
null

ok,let's discuss with data.
i want to migrate another domain "soft.com" to my current Messaging Server,
i have created the new host domain : soft.com ,and the user "testmail" belongs to that domain.
the following show the process of my login.
220 ESMTP Messaging Multiplexor (iPlanet Messaging Server 5.2 (built Feb 21 2002)
helo soft.com
250 mail2
auth login
334 VXNlcm5hbWU6
dGVzdG1haWw= (which is "testmail" after base64 decode)
334 UGFzc3dvcmQ6
cGFzczR0ZXN0bWFpbA== (which is "pass4testmail" after base64 decode)
535 5.7.8 Bad username or password (Authentication failed).
220 ESMTP Messaging Multiplexor (iPlanet Messaging Server 5.2 (built Feb 21 2002)
helo soft.com
250 mail2
auth login
334 VXNlcm5hbWU6
dGVzdG1haWxAc29mdC5jb20= (which is "[email protected]" after base64 decode)
334 UGFzc3dvcmQ6
cGFzczR0ZXN0bWFpbA== (which is "pass4testmail" after base64 decode)
235 2.7.0 login authentication successful.
mail from:[email protected]
250 2.5.0 Address Ok.
quit
221 2.3.0 Bye received. Goodbye.becase i start the ssl connection for user to send and receive mail ,so i have to use mmp as smtp/pop/imap proxy. i don't want the user of domian "soft.com" need modify any of their mail client after the migration ,that means,the user of domain "soft.com" can login use "testmail",but not "[email protected]".
i don't know whether i have described my question clearly,thanks for endure my lame english~ ! :)

How can I send an email so it looks like it's from my business domain?

I own the domain example.com and I have set up email forwarding to my personal email address. [email protected] forwards to [email protected] I would like to be able to respond to clients and have it seem like it comes from the [email protected] address. How might I do this? Thanks for all the help!

In order for Thunderbird to be able to proffer the address as a from: address, the address has to be set up in Thunderbird as an incoming address. If it is not possible to set it up as a truly self-standing email address, then you could add it as an identity on a working account.
The remaining part of this is to look at what is being used to send your messages. As an example, if you send using a gmail server, the messages will appear to come from the gmail address associated with the gmail smtp "account" regardless of what address you put into the message itself. Whilst gmail is unusual and perhaps unique in this respect, it does mean that this possibility should be considered.
Another is that some mail providers don't allow "foreign" from: addresses to be used in messages. I have encountered this is the past with two UK ISPs, (bt and freeseeve) whose smtp servers allowed only addresses provided by the ISP, or at least permitted other addresses only when they'd been registered with the ISP-provided mail account. These are clumsy and somewhat naïve attempts to inhibit rogue smtp servers installed on end-users' computers by malware.
In my own case, I lease a domain which apart from a www address and the ability to set up other ad-hoc addresses for ftp and webcams and the like, includes a bundle of email addresses for my family. However, the "real" address is a somewhat clumsy formulation, and some jiggery pokery with a ddns service (zoneedit) allows mx records to be set up so that messages addressed to my domain-connected address to find their way to the "real" accounts. Since I can send a message to my domain-based account, I can set it up in Thunderbird, so it is automatically offered as a candidate from: address when creating or replying to an email message.
In practice, all messages are sent by your smtp server, but are allowed to declare a from: address (and also a separate reply-to address, but that's another matter.) It is possible in your case that the registrar or domain provider also offers an smtp server, but it won't necessarily give your domain as the origin, instead giving the domain of the webhost or registrar or whatever. Choice of smtp often is influenced by other factors, such as can you use it when away from home or your place of business?

Can not receive emails from any accounts rather than Rogers(my ISP)

Hi all,
I have OCS10g installed on RHEL_AS4. Currently I got problem to receive and send emails both inbound and outbound.
When I send e-mail by either Oracle Web Access Client or Oracle Mail. It went smooth through the sending page. Unfortunately I can not get the e-mails neither from inbound or outbound domains, except [email protected]. Rogers is my current ISP and I am using the TZO dynamicIP service for the OCS server.
The configuration for smtp_inbound_server are as following. Has anyone known the solution of my problem?
Thanks,
smtp_in:115202828832018325
Mail Collaboration Suite Database:
Message Intertion Mode: RoundRobin
Selected Collaboration Suite Database: orcl.myocsdomain.com
Delivery Collaboration Suite Database:
Selected Collaboration Suite Database: orcl.myocsdomain.com
LDAP Connection Pool Parameters:
Increment:1
Minimum: 2
Maximum: 20
LDAP Time Lag: 500
LDAP Connection Retry Parameters
Max Con. Retry Int.: 100000
Recon. Timeout: 1
Max. Retry Count: 100
Threas Parameters
Timeout: 1860
Increment: 1
Min.: 1
Max.: 500
DSN Parameters
Postmaster DSNs: all
Temp. DSN Int.: 24
Include Complete Error Message in DSN: True
Rules and Routing Control Parameters
Routing Control: Enabled
Spam Flood Int.: 10
Spam Max. Flood Count: 10000
Max # of Receipients Allowed in an Envelop: 100
Env. and Mess Header Checking: Disable Checks
Reject Mess. with Diff Auth ID and sender: Do not check
Enforce Reverse DNS lookup on Client IP: False
DNS check on Helo/Ehlo domain: False
DNS Check on Sender Domain: False
Relay Allowed: False
Trusted Relay Domain: mail.myocsdomain.com
External Filter: False
Trusted Domains:
mail.myocsdomain.com
Trusted Sender Domains:
hotmail.com
gmail.com
Trusted Senders:
*mail.myocsdomain.com
General Parameters
Local Domains: mail.myocsdomain.com
Archive Processing: Disabled
Presentation Name : ESSMI
Max. Size of Shell: 1000000
Max. # of Headers Allowed in a message: 1000
Max. # of Clients: 1000
Port: 25
Checkpoint Int.: 20
Max. Hop Count: 25
Max. Message Size: 0
Message Timeout: 30
SMTP Queue Timeout: 5 days
Use Error-To Header to specify the mail addr. for DSN's: true
Authentication: None
Submit Only: False
Process IMIP Messages: False
SASL Protection: Confidentially
SASL Authentication Disabled
Support STARTTLS Command: False
Allow Clear Tect Logn: True
Default Domain: mail.myocsdomain.com
Add Domain to email addr. wit missing domain in envelop: False
Protocol Banner: server ready. Unauthorized Access...
Process Log Level: Warning
Max. Log Size: 5M
Max. # of Log Files: 10
.......

When I check the logfile, I found the error messages like this :
mtext Delivery to ******@gmail.com failed rcode=1 smtp_err=421
There is no error message about sending to [email protected], however I couldn't receive any emails I send to myself.
Thanks for your time in advance.

Should Autodiscover record be created at ISP

I am facing issue with active sync i am using exchange 2007.
I am getting errors for autodiscover when i do testexchangeconnectivity.
Should Autodiscover record be created at ISP pointing to my exchange(autodiscover.mydomain.com)
PS]
C:\Users\Administrator.\Desktop>Get-ActiveSyncVirtualDirectory | fl
ActiveSyncServer:
https://mail.mydomain.com/
MetabasePath
: IIS://MAIL.mydomain.com/W3SVC/1/ROOT/Microsoft-Server-ActiveSync
ClientCertAuth
: Ignore
Server
: MAIL
InternalUrl
: https://mail.mydomain.com/Microsoft-Server-ActiveSync
InternalAuthenticationMethods
ExternalUrl
: https://mail.mydomain.com/
ExternalAuthenticationMethods
OriginatingServer:
MAIL.mydomain.com
Get-ClientAccessServer
| fl Namae,AutoDiscoverServiceInternalUri
Name
: MAIL
AutoDiscoverServiceInternalUri
: https://mail.mydomain.com/autodiscover/autodiscover.xml
Get-ClientAccessServer
| fl Name,AutoDiscoverServiceExternalUri
Name
: MAIL
[PS]
C:\Users\Administrator.Mydomain\Desktop>Get-AutodiscoverVirtualDirectory | ft *url*
InternalUrl
ExternalUrl

Please do help me in configuring Active Sync
please do guide me the powershell commands to setup active sync properly .My users are not able to access email from their smartphones.
When i do testconnectivity i am getting errors for autodiscover
PS] C:\Users\Administrator.\Desktop>Get-ActiveSyncVirtualDirectory | fl
ActiveSyncServer: https://mail.mydomain.com/
MetabasePath : IIS://MAIL.mydomain.com/W3SVC/1/ROOT/Microsoft-Server-ActiveSync
ClientCertAuth : Ignore
Server : MAIL
InternalUrl : https://mail.mydomain.com/Microsoft-Server-ActiveSync
InternalAuthenticationMethods : {}
ExternalUrl : https://mail.mydomain.com/
ExternalAuthenticationMethods : {}
OriginatingServer: MAIL.mydomain.com
Get-ClientAccessServer | fl Namae,AutoDiscoverServiceInternalUri
Name : MAIL
AutoDiscoverServiceInternalUri : https://mail.mydomain.com/autodiscover/autodiscover.xml
Get-ClientAccessServer | fl Name,AutoDiscoverServiceExternalUri
Name : MAIL
[PS] C:\Users\Administrator.Mydomain\Desktop>Get-AutodiscoverVirtualDirectory | ft *url*
InternalUrl ExternalUrl
my exchange server hostname is mail and domain mydomain.com
Do cross check these commands
After running below commands do my external users connect to my exchange using active sync with mail.mydomain.com
with SSL enabled(I am using digicert)
which command should i run
1. Set-ClientAccessServer -identity "MAIL" https://mail.mydomain.com/autodiscover/autodiscover.xml
or
Set-ClientAccessServer -identity "MAIL" -AutoDiscoverServiceInternalUri : https://mail.mydomain.com/autodiscover/autodiscover.xml
2. Enable-OutlookAnywhere -Server MAIL -ExternalHostname "mail.mydomain.com" -ExternalAuthenticationMethod "Basic" -SSLOffloading:$False
Here what does -SSL Offloading mean ( iwant SSL to be used)
3. Set-OABVirtualDirectory -identity "MAIL\OAB (Default Web Site)" -externalurl https://mail.mydomain.com/OAB -RequireSSL:$true
4. Set-WebServicesVirtualDirectory -identity "MAIL\EWS (Default Web Site)" -externalurl https://mail.mydomain.com/EWS/Exchange.asmx -BasicAuthentication:$True
After running these commands do my external users on the internet connect to my exchange using mail.mydomain.com

450 host down to only one domain

GW7.0.4 on SLES10 patch level 3--email to one domain
(nationwideplanning.com) results in a 450 host down result. No complaints
with any other recipients. An nslookup from the GW server results below, so
there is an answer. As a workaround, users are sending this recipient email
from their personal Gmail, AOL and AT&T accounts without fail. I am not
sure where to look for a cause of this failure and appreciate any thoughts
or clues. I have a ticket open with Verizon our ISP and verified out
reverse pointer record is OK, but they have not been very helpful.
Thanks.
# nslookup
> set type=mx
> nationwideplanning.com
Server: 198.6.1.142
Address: 198.6.1.142#53
Non-authoritative answer:
nationwideplanning.com mail exchanger = 0 mail.nationwideplanning.com.
nationwideplanning.com mail exchanger = 10 mail2.nationwideplanning.com.
Authoritative answers can be found from:
mail2.nationwideplanning.com internet address = 173.220.139.156
mail.nationwideplanning.com internet address = 96.57.118.76

forgot to add GWIA log entry:
13:22:18 104 MSG 319619 Analyzing result file:
/media/nss/VOL3/cmgw/cmgwdom/wpgate/gwia/result/rd2b06fc.447
13:22:18 104 MSG 319619 Detected error on SMTP command
13:22:18 104 MSG 319619 Command: nationwideplanning.com
also, the A record in the GWIA config is just our domain name, but our
pointer record is listed a mailhost.<domain name>. Could this cause a
problem for few and random recipients?

How to setup DNS behind Airport Extreme and ISP that will not reverse DNS

Hi,
I am having issues setting up my Mac Mini with SLS. Right now my server is connected to the internet through my Airport Express. It gets a static address from the router (10.0.1.13). The router also has a static address from my ISP. I own the domain redcedarpoint.com. I have set the A record to point to my static router IP address. I also setup a CNAME for server.redcedarpoint.com to the same address.
During the initial portion of setup SLS sees my ISP's domain versus my own domain and incorrectly fills the local domain name. I manually changed these to redcedarpoint.com and called the server 'server'. This puts server.redcedarpoint.com into all the host names. Everything seems to work, but now all my users get email addresses like [email protected] versus [email protected]. I have manually set mail host name to redcedarpoint.com (although this is wrong I think). It solves the email addressing issue, but now postfix gives me a warning about a duplicate:
+Jan 27 21:20:45 server postfix/postmap[70670]: warning: /var/amavis/local_domains.db: duplicate entry: "redcedarpoint.com"+
My question is: What should I fill in during setup and how should I setup DNS from my hosting service.
By the way, I am also trying to funnel all inbound and outbound email through my premium Google Apps subscription.
Here's also the result of postconf -n
+Last login: Wed Jan 27 21:19:47 on ttys000+
+server:~ ianknight$ postconf -n+
+biff = no+
+command_directory = /usr/sbin+
+config_directory = /etc/postfix+
+content_filter = smtp-amavis:[127.0.0.1]:10024+
+daemon_directory = /usr/libexec/postfix+
+debugpeerlevel = 2+
+enableserveroptions = yes+
+header_checks = pcre:/etc/postfix/customheaderchecks+
+html_directory = /usr/share/doc/postfix/html+
+inet_interfaces = all+
+mail_owner = _postfix+
+mailboxsizelimit = 0+
+mailbox_transport = dovecot+
+mailq_path = /usr/bin/mailq+
+manpage_directory = /usr/share/man+
+mapsrbldomains =+
+messagesizelimit = 10485760+
+mydestination = $myhostname, localhost.$mydomain, localhost, dmcwatering.com, internationalcardio.com+
+mydomain = redcedarpoint.com+
+mydomain_fallback = localhost+
+myhostname = redcedarpoint.com+
+mynetworks = 127.0.0.0/8,216.239.32.0/19,64.233.160.0/19,66.249.80.0/20,72.14.192.0/18,209.8 5.128.0/17,66.102.0.0/20,74.125.0.0/16,64.18.0.0/20,207.126.144.0/20,173.194.0.0 /16+
+newaliases_path = /usr/bin/newaliases+
+queue_directory = /private/var/spool/postfix+
+readme_directory = /usr/share/doc/postfix+
+recipient_delimiter = ++
+relayhost =+
+sample_directory = /usr/share/doc/postfix/examples+
+sendmail_path = /usr/sbin/sendmail+
+setgid_group = _postdrop+
+smtpsasl_authenable = yes+
+smtpsasl_passwordmaps = hash:/etc/postfix/sasl/passwd+
+smtpdclientrestrictions = permit_mynetworks permitsaslauthenticated rejectrblclient zen.spamhaus.org permit+
+smtpdenforcetls = no+
+smtpdhelorequired = yes+
+smtpdhelorestrictions = rejectinvalid_helohostname rejectnon_fqdn_helohostname+
+smtpdpw_server_securityoptions = cram-md5,gssapi,login+
+smtpdrecipientrestrictions = permitsaslauthenticated permit_mynetworks rejectunauthdestination checkpolicyservice unix:private/policy permit+
+smtpdsasl_authenable = yes+
+smtpdtlsCAfile =+
+smtpdtls_certfile =+
+smtpdtls_excludeciphers = SSLv2, aNULL, ADH, eNULL+
+smtpdtls_keyfile =+
+smtpdtlsloglevel = 0+
+smtpduse_pwserver = yes+
+smtpdusetls = no+
+unknownlocal_recipient_rejectcode = 550+
+virtualaliasmaps =+
+server:~ ianknight$+

The first one is easy...
Jan 27 21:20:45 server postfix/postmap70670: warning: /var/amavis/local_domains.db: duplicate entry: "redcedarpoint.com"
You have redcedarpoint.com set as both the domain name and the hostname of the server. That is not correct:
mydomain = redcedarpoint.com
myhostname = redcedarpoint.com
In this case, myhostname should be the reverse DNS hostname that the recipient mail server would see on outgoing mail - typically this would be something like 'mail.redcedarpoint.com
You should also fix the mydestination parameter so that it includes your domain name as well:
mydestination = $myhostname, localhost.$mydomain, localhost, dmcwatering.com, internationalcardio.com
mydestination identifies the domains this server accepts mail for. In this setup it will accept mail addressed to @mail.redcedarpoint.com (assuming you fix myhostname, as above), @localhost.redcedarpoint.com, @localhost, @dmcwatering.com and @internationalcardio.com
Nowhere here does @recedarpoint.com appear, so users won't get mail addressed to [email protected]
It's easiest to just add redcedarpoint.com to the list of domains the server handles mail for.
how should I setup DNS from my hosting service
Your subject implies a reverse DNS question, but there's nothing in this post about reverse DNS. Other than that, you should have an MX record for your domain that points to the public IP address of your router.

Reporting-MTA not using virtual domains

I hope this will be an easy answer that I'm just not seeing...
I have mail running on 10.5.2 with multiple virtual domains.
vdomain1.com
vdomain2.com
vdomain3.com
etc.
Receiving mail and sending mail both work fine, except on occasion I get the following error trying to send to certain addresses (mchsi.com is one example):
<[email protected]>: host gateway.mchsi.com[204.127.203.150] said:
550-63.254.110.6 blocked by ldap:ou=rblmx,dc=mso,dc=att,dc=net 550 Blocked
for abuse. Please contact the administrator of your ISP or sending
mailservice. (in reply to MAIL FROM command)
Reporting-MTA: dns; mail.XServeMail.local
X-Postfix-Queue-ID: 87047361E24
X-Postfix-Sender: rfc822; [email protected]
From what I can tell, the mail server is using the machine's host name (mail.XServeMail.local) as specified in Server Admin as opposed to using something like mail.vdomain1.com.
Is there a way to tell it to use mail.vdomain1.com when mail is sent from that address, use mail.vdomain2.com when mail is sent from that address, etc.?
I've been reading a lot of the Postfix configuration information, but don't want to start down the wrong path without someone providing a bit of guidance first.
Here is the postconf -n output:
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
debugpeerlevel = 2
enableserveroptions = yes
html_directory = no
inet_interfaces = all
mail_owner = _postfix
mailboxsizelimit = 0
mailbox_transport = cyrus
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
mapsrbldomains =
messagesizelimit = 0
mydestination = $myhostname,localhost.$mydomain,localhost
mydomain = XServeMail.local
mydomain_fallback = localhost
myhostname = mail.XServeMail.local
mynetworks = 127.0.0.0/8
newaliases_path = /usr/bin/newaliases
queue_directory = /private/var/spool/postfix
readme_directory = /usr/share/doc/postfix
relayhost =
sample_directory = /usr/share/doc/postfix/examples
sendmail_path = /usr/sbin/sendmail
setgid_group = _postdrop
smtpdclientrestrictions = permit_mynetworks
smtpdenforcetls = no
smtpdpw_server_securityoptions = login,plain,cram-md5
smtpdrecipientrestrictions = permitsasl_authenticated,permit_mynetworks,reject_unauthdestination,permit
smtpdsasl_authenable = yes
smtpdtls_certfile = /etc/certificates/Default.crt
smtpdtls_keyfile = /etc/certificates/Default.key
smtpduse_pwserver = yes
smtpdusetls = yes
unknownlocal_recipient_rejectcode = 550
virtualmailboxdomains = hash:/etc/postfix/virtual_domains
virtual_transport = lmtp:unix:/var/imap/socket/lmtp
Thank you in advance for any help.

You cannot use a different host name depending on the sending domain and also this is not necessary.
What you need to do is to give your mail server a fully qualified hostname that can be resolved by an external DNS lookup. Also make sure your mail server's IP has a proper reverse PTR record.

Setting Up Personal Domain

Hi Everyone,
I wasn't noob at this before, but I guess I fall back into this category. I recently purchased and install Mac OS X 10.5.2 Server, and I am trying to set everything up. I understand most of the basics, but I want to use my personal domain, deviantsynergy.com as the domain on my system. I know I need name servers and such. But I only get a Dynamic IP from my ISP, and I am behind a dlink DIR-625 router. I believe there are some sites that I can use dynamic dns, but I am at a total loss of how to set all this up. I want to be able to host websites, have mail server set up for my collegues, etc. Can someone give me the run down on how to get this all going?
Thanks!

First setup a dyndns account.
For the dynamic IP you could perhaps use a dyndns FQDN as the pointer to your DNS hosting your own domainname, if the domain registrar will allow you.
deviantsynergy.com NS deviantsynergy.dyndns.org (or some other FQDN using one of dyndns domains)
To update the account at dyndns with the current dynamic IP either use the router or a dyndns client running on the server.
Use a static IP for the server on the router/server LAN and forward the ports and protocols you need to it.
A coule of years back I helped another guy who eventually got this working.
It might be easier if the router supports NAT loopback and if you have a second internal only domain setup on the server.

Setting server up to point to Domain

I feel I am going in circles reading everything...
I have our server up and running. Inside the house when I type the IP address 192.168.123.7 I am taking to the MAC OS X server page.
I bought the domain www.coheu.com and would like this to be the server domain so I can access the server from outside the office.
Our internet has the static ip of 81.82.193.252.
Am I supposed to edit the DNS zone for the domain coheu.com to point to this static ip?
I created a DNS zone on the server with the following:
coheu.com. --- static ip
ns1.eleven2.com --- static ip
ns2.eleven2.com --- static ip
ns3.eleven2.com --- static ip
www.coheu.com. - alias coheu.com.
Does something seem messed up to anyone?
Currently I can't even type in the static IP to get to the default website landing page...

*Our internet has the static ip of 81.82.193.252*
Where did you enter this information? On your standalone router?
We have a public IP that is on the WAN side of our router. The ISP handles public DNS so that folks outside our LAN can find the public facing side of the router. The router is configured to forward certain services / ports to the internal IP of the server. Web, mail, and a couple of others.
Internally, we run our own DNS that is configured very similar to what you have. But you must replace the "static ip" with the internal ip of "192.168.123.7". This permits any machine on the internal LAN to hit the local server.
You will need to check with your ISP to make sure that they setup DNS records that point to your public IP. Then you will need to forward ports 80, 110, 25, etc (depending on what your requirements are) on your router to the internal IP of 192.168.123.7. Then you need to change the zone file you created on the server to use the internal IP of 192.168.123.7 instead of your public IP.

Maverick Server sub domain set up

Hello,
I currently have a Maverick Server where I set up DNS service in conjonction with my ISP where the domain name is "mainly" hosted.
Lets say my domain name is mydomainname.com
I would like to set up sub domains as cust1.mydomainname.com, cust2.mydomainname.com etc... in my DNS Maverick Server service.
I would like then to attach this to websites hosted on the same Maverick server via Web server service.
I could I do all this?
Thanks for your answers.
Best
Eiffel

Thanks for this interesting answer.
You mean that the website name I provide will be used as a DNS entry right?
I "only" have to register this new subdomain in the external DNS server? Is this what you mean?
Best and thanks again for your answers.

@whittier.edu domain is blocked to @verizon.net email addresses

I work at Whittier College in CA. We cannot send email to people with verizon.net email addresses. I have complaints from 5 different people. They all get returned email like this.
{edited for privacy}
#< #4.0.0 X-Spam-&-Virus-Firewall; connect to relay.verizon.net[206.46.232.11]: server refused mail service> #SMTP#
X-Barracuda-Spam-Status: No, SCORE=0.00 using global scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=5.0 tests=HTML_MESSAGE, MAILTO_TO_SPAM_ADDR
X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.141313
        Rule breakdown below
         pts rule name              description
        0.00 MAILTO_TO_SPAM_ADDR    URI: Includes a link to a likely spammer email
        0.00 HTML_MESSAGE           BODY: HTML included in message
This message appears to be from Verizon firewall. Whittier College does not block any outgoing email.
Please help!

You will need to contact Verizon. This forum is mainly peer to peer, although an admin MAY step in with advice.
You may be able to handle this with the whitelist request form for ISP's
http://my.verizon.com/micro/whitelist/RequestForm.aspx?id=isp
Or you may have to call them. The general number is 1-800-Verizon
You may have someone abusing your domain by sending lots of spam.

Issues with Personal Domain & mail forwarding.

Hi all,
I have (after several weeks of fiddling, tinkering, messing and stressing) finally got my personal domain pointed at my iWeb site. It took long enough, but now everything is as it should be.
Except for one small annoying thing.
I have mail forwarding set up at my domain registrar. This works fine, expect when sending mail using .mac mail. In other words, when someone sends mail to an e-mail address which uses my domain name - it arrives in my inbox. But it someone sends it using the mac.com servers, then it gets returned as undeliverable.
Anybody got any ideas?
Thanks in advance,
Paul C.

To clarify, if I've registered the domain "mydomain.com", my registrar forwards any e-mails that are addressed: [email protected] to the mailbox of my ISP.
This works when e-mails are sent to this address via an ISP's smtp server and via most webmail. But when sent via mac.com servers, it comes back with a failure stating: "reason: 554 5.7.1 Recipient access denied.

O=isp vs dc=domain, dc=com

Similar Messages

Maybe you are looking for