How to route a specific local recipient to Google server

Hello,
My practical scenerio:
I have an external account admin@mydomain_com registered with Google.
By default, MIAB creates automatically an internally alias admin@ mydomain_com.
I setup host mail server MIAB mail.mydomain_com and email account as xxx@mydomain_com
====> How to route local recipient to admin@mydomain_com hosted in Google server.

-Local sender sends to local recepients through local (mail.mydomain_com) as usually. So when local sender sends to admin@mydomain_com, it will process internally, and external account admin@mydomain_com hosted by Google do not receive.

My expectation: External account admin@ mydomain_com hosted by Google can receive email from local sender.

What I have done:
-Setup transport_maps with “admin@ mydomain_com delay:[AWS SES]:587” but it seems doesn’t work, still process internally. (Check syslog and it shows that email doesn’t go to AWS SES interface)
-Setup transport_maps with “mydomain_com relay:[AWS SES]:587”, then all emails from local senders to local recipients will be relayed to AWS SES interface, HOWEVER, then to Google , then go back to SES AWS and the status = bounced.
+In this case, event send to admin@mydomain_com, we still encounter status=bounced.

Please advice.

If I understand your question (which is not very clearly worded for me), for MiaB what you are doing requires different domains because an MX record only works for the domain it is configured on. You can’t use MiaB and an external server for the same domain, so your MiaB would use something like the mail.example.com for the example.com domain hosted externally.

Otherwise you are working on a configuration that is not supported by MiaB, but likely possible with some different configuration of postfix than MiaB provides.

Thank you openletter for reply.
You are right. It is likely possible with different configuration of postfix. I will keep searching for it.
Another related question of MiaB:
How can I create an account admin@example.com instead of that for an alias by default?

You cannot.

The workaround that I use is to create a similarly named user (aadmin@) and then create an alias forwarding admin@ to aadmin@. I then set up an identity in my email client, and viola.

I am not fond of this decision by the maintainers of this project, but I understand it’s purpose.

My question - why do you have an account for this domain hosted on MiaB if Google Workspaces hosts that domains MX? Knowing your use case may make the solution more easily identifiable.

@alento ,
My team setup an account admin@example.com with Google Workspace first. Later, when we need more email account, I setup MiaB server.
Another benefit: Google becomes another filter against spam / virus for incoming emails.

Yeah, that is just not going to work as MiaB cannot support ‘Split domain routing’ which is what you are wanting to do.

Why not move admin@example.com to MiaB and abandon Google? @hungnguyen

@alento
Because our team is using another services with Google.

You can use those other services still without hosting email there I do believe. :slight_smile:

(for free even)

1 Like

Thank you Alento for your suggestion.

Hello,

You can use the other services from google and move out the email to MiaB.

Although the amount of spam coming through the spamfilter of MiaB is very low (in my situation for a 20 years old domain); the google spam filter is slightly “better”?

If MiaB accepts a domain, which is currently not hosted (I’m not sure if that’s possible), you can probably use MiAB as a relay for the admin account.

For good reception, you have to modify the SPF record of your domain to something like:
“v=spf1 mx include:box.<yourboxdomain> -all”

Of course, the same needs to be done for your DKIM records and probably more.

Try step by step, look at your mail.log/mail.err file; keep in mind, dns propagation takes some time.
Probably the best way is to deliver the mail, you want to sent, trough smtp-auth directly to Google.

Thank you Sander-Schippers,
Hopefully I understand your suggestion correctly.
We are stuck at how to relay for only admin account. Right now as tested, Postfix param transport_maps works for our example.com domain, but not for only admin@example_com.

Actually we prefer to use filter of Google for incoming messages. That way helps us more protected, and we maybe accept the minor issue that other local messages can’t reach Google hosted admin@example_com

Hi @hungnguyen

Just to make sure that I understand you correctly …

You have Google Workspaces hosting a domain example.com. It is only hosting ONE mailbox which is admin@example.com. It is then using split routing delivery to send all other emails to your MiaB instance. Is this correct so far?

You have modified your MiaB to send emails out via SES, and that is working for all users other than admin@example.com. Is this correct?

Emails sent by other users to admin@example.com are being received by Google, correct? Other users as in located within your MiaB. I am not concerned with outside users that are not on your domain. Is this correct?

Let me know the answers and we’ll continue from here. Thanks!

Thank you @alento for looking into this,

  1. You have Google Workspaces…:
    Yes, it is correct.

  2. You have modified…
    Emails sent by our users to domain other than example_com will go through AWS SES.
    Emails sent by our users to example_com, MiaB will process. ==> Here, we expect that emails sent by our users to admin@example_com can reach mailbox admin@example_com hosted by Google. We are stuck here.

  3. Email sent by other users…
    Yes. it is correct.
    Combine with 1., hopefully it is clear.

Thanks.

Ok. You will ALWAYS be stuck here as there is no ‘user’ for admin@example.com. It is only an alias.

The only possible scenario I can see working would be to rake my earlier advice.

OR

There is one possible experiment that you can try. Can you create an alias to be delivered to the admin@example.com address on Google’s end? Then change the alias for admin@example.com on your MiaB to forward to the new alias you have created with Google. I am doubtful that this will work, but it is the only possibility you have.

I understand your possible experiment. Like you, I also think it will work.
In this case, we need 2nd domain, example2_com for example, registered with Google. Then Google admin@example_com has alias AdminAlias@example2_com
Currently, we have own only 1 domain example_com. So we will try it when we have 2nd domain example2_com

No, I don’t quite think you’re following my thought process. @hungnguyen

There is no second domain required.

What time zone are you in? Perhaps we can chat on Slack and experiment?

I am highly appreciated your help, @alento,
My timezone GMT +7.
I contacted you on Slack.
Regards,