My practical scenerio:
I have an external account admin@mydomain_com registered with Google.
By default, MIAB creates automatically an internally alias admin@ mydomain_com.
I setup host mail server MIAB mail.mydomain_com and email account as xxx@mydomain_com
====> How to route local recipient to admin@mydomain_com hosted in Google server.
-Local sender sends to local recepients through local (mail.mydomain_com) as usually. So when local sender sends to admin@mydomain_com, it will process internally, and external account admin@mydomain_com hosted by Google do not receive.
My expectation: External account admin@ mydomain_com hosted by Google can receive email from local sender.
What I have done:
-Setup transport_maps with “admin@ mydomain_com delay:[AWS SES]:587” but it seems doesn’t work, still process internally. (Check syslog and it shows that email doesn’t go to AWS SES interface)
-Setup transport_maps with “mydomain_com relay:[AWS SES]:587”, then all emails from local senders to local recipients will be relayed to AWS SES interface, HOWEVER, then to Google , then go back to SES AWS and the status = bounced.
+In this case, event send to admin@mydomain_com, we still encounter status=bounced.
If I understand your question (which is not very clearly worded for me), for MiaB what you are doing requires different domains because an MX record only works for the domain it is configured on. You can’t use MiaB and an external server for the same domain, so your MiaB would use something like the mail.example.com for the example.com domain hosted externally.
Otherwise you are working on a configuration that is not supported by MiaB, but likely possible with some different configuration of postfix than MiaB provides.
Thank you openletter for reply.
You are right. It is likely possible with different configuration of postfix. I will keep searching for it.
Another related question of MiaB:
How can I create an account firstname.lastname@example.org instead of that for an alias by default?
My team setup an account email@example.com with Google Workspace first. Later, when we need more email account, I setup MiaB server.
Another benefit: Google becomes another filter against spam / virus for incoming emails.
You can use the other services from google and move out the email to MiaB.
Although the amount of spam coming through the spamfilter of MiaB is very low (in my situation for a 20 years old domain); the google spam filter is slightly “better”?
If MiaB accepts a domain, which is currently not hosted (I’m not sure if that’s possible), you can probably use MiAB as a relay for the admin account.
For good reception, you have to modify the SPF record of your domain to something like:
“v=spf1 mx include:box.<yourboxdomain> -all”
Of course, the same needs to be done for your DKIM records and probably more.
Try step by step, look at your mail.log/mail.err file; keep in mind, dns propagation takes some time.
Probably the best way is to deliver the mail, you want to sent, trough smtp-auth directly to Google.
Thank you Sander-Schippers,
Hopefully I understand your suggestion correctly.
We are stuck at how to relay for only admin account. Right now as tested, Postfix param transport_maps works for our example.com domain, but not for only admin@example_com.
Actually we prefer to use filter of Google for incoming messages. That way helps us more protected, and we maybe accept the minor issue that other local messages can’t reach Google hosted admin@example_com
Just to make sure that I understand you correctly …
You have Google Workspaces hosting a domain example.com. It is only hosting ONE mailbox which is firstname.lastname@example.org. It is then using split routing delivery to send all other emails to your MiaB instance. Is this correct so far?
You have modified your MiaB to send emails out via SES, and that is working for all users other than email@example.com. Is this correct?
Emails sent by other users to firstname.lastname@example.org are being received by Google, correct? Other users as in located within your MiaB. I am not concerned with outside users that are not on your domain. Is this correct?
Let me know the answers and we’ll continue from here. Thanks!
You have modified…
Emails sent by our users to domain other than example_com will go through AWS SES.
Emails sent by our users to example_com, MiaB will process. ==> Here, we expect that emails sent by our users to admin@example_com can reach mailbox admin@example_com hosted by Google. We are stuck here.
Email sent by other users…
Yes. it is correct.
Combine with 1., hopefully it is clear.
Ok. You will ALWAYS be stuck here as there is no ‘user’ for email@example.com. It is only an alias.
The only possible scenario I can see working would be to rake my earlier advice.
There is one possible experiment that you can try. Can you create an alias to be delivered to the firstname.lastname@example.org address on Google’s end? Then change the alias for email@example.com on your MiaB to forward to the new alias you have created with Google. I am doubtful that this will work, but it is the only possibility you have.
I understand your possible experiment. Like you, I also think it will work.
In this case, we need 2nd domain, example2_com for example, registered with Google. Then Google admin@example_com has alias AdminAlias@example2_com
Currently, we have own only 1 domain example_com. So we will try it when we have 2nd domain example2_com