Hi,
We have a (messy) setup of two Barracuda spam appliances that send
mail to an internal mail gateway that has a recipient table. From
there, mail is delivered either to an Exchange server or a Zimbra
Cluster depending on the user (we run Exchange for corporate employees
and Zimbra for franchise employees). When I arrived, mail was flowing
from a non Barracuda gateway (I brought in those appliances) directly
to Exchange, which had a recipient policy that would send unrecognized
mail to the Zimbra server. One of my tasks was to remove the reliance
upon Exchange for our franchise users, so that downtime to Exchange
wouldn't impact our franchisees.
The gateway was my solution, since the Barracudas while wonderful
devices are spam processors - not gateways, and have no support for
this type of a split domain format.
So this all works wonderful, and I run a script every 15 minutes that
queries LDAP on both Zimbra and Active Directory to add any new users
(and remove any closed accounts) to the transport table on the Postfix
"gateway" (there are actually three gateways for load balancing
purposes, and to have one in our DR facility.
I recently was given a horrible mail archiving solution to implement
(really cheap, really poor). Getting it to work was easy. Zimbra runs
Postfix itself, so I use the always_bcc parameter to split off a copy
of every message to the archiver. For the Exchange side, when you
enable journaling, it sends the message as a system message (no
envelope from) which this archiver IGNORES in an attempt not to
archive DSNs or vacation auto responders. The vendor is unable
(unwilling?) to change this behavior for us.
So it occurs to me that the easy solution is to forward the journaled
mail not from Exchange to the Archiver directly, but send it to these
same gateways, and find a way to have Postfix rewrite the envelope
sender from not having one to whatever the actual From: message header
is, which will make the archiver happy, and validate our executive's
decisions to give me a crappy archiver and not budget real money on
this initiative. :)
Unfortunately - I have NO clue how to do this - any pointers?
