Hello,
I need some clarifications on setting up a subdomain mail-server. We
have at our domain level various sub-domain based email servers.
Eg:
Domain name: KLM.XYZ (eg abc@KLM.XYZ)
Sub-dom name: A.KLM.XYZ (eg abc@A.KLM.XYZ)
B.KLM.XYZ
C.KLM.XYZ

All the sub-domains are on the same physical mail server. Now we need to have another, physically separate, email server (say D.KLM.XYZ). Is it possible that changing DNS entry in the DNS server, we can redirect mails addressed to the mail server? Or, due to priorities that are given in mail-exchanger, in case some host fails could there be problems?

As only the last subdomain is physically different, does it mean that the admin of D.KLM.XYZ need to have privileged access to any of the other mail servers? Or instead of 'main' mail server responding, would the DNS help in routing a mail addressed to D.KLM.XYZ directly? I am confused over this and any help regarding the same would be greatly appriciated.

Thanking you,
-Snjv

I think it is just where the MX records point and what domains each mail server is set to accept, but I have not tried this.

In case it matters, could you mention what mail server you are using as well as what your DNS records look like (so others may offer more informed opinions).

That's the problem! The network guys believe that it is a security issue (!) to disclose the contents there while I have been insisting that setting up of mail server as a subdomain is a non-issue (well, almost) with only DNS entries needing to be addressed. So I have been trying to find out how it is done normally, and in case if I missed something.

Would you mind restating this, but with a lot more explanation of what they are worried about (what have they told you)?

Is the problem that you want to have mail for subdomains, or that you want to run a separate server? What are some of the bits of background that would help to frame the question?

If the problem is a DNS record for a different mail server, the admin of the main server should be able to set that one up to accept mail for a specific subdomain and forward it to a different host. I have not tried this myself, but that is what mailservers are there for...

if you want to have a sub email domain

1. install the linux box,(w/ live ip address)
2. then proceed to installing mail server(sendmail or qmail)
3. then proceed to add the ip of your new linux box in your domain manager.

hope that helps

I too have no clue as to what they were worried about. The impression I got was that I would require some privileged access or exposure to some sensitive information regarding the network setup and/or main mail server, which I do not believe to be the case. But I need some convincing site or argument to refute this.

Something that is like in "Testing the MX record" section here:
http://hostlibrary.com/UnderstandingMXrecordskhu.html


So far we have several subdomains, but they are all running on the same physical computer. So, for the first time, I am trying to have another server to act as a mail plus web server. The network folks insist that it can't be done without compromising on the security, or worse, without changing a lot of setup.


Yes, but I am looking for some material to get this point across.

BTW, from security point of view, how dangerous is it running a mail server (behind a firewall) on Postfix (recent release)?

It may be that they have a firewall, and it allows <stuff> to go to that one mailserver. Maybe also that host is not on the internal network, but a dmz type thing. So from their point of view, it is more work for them to setup things for your computer. Given that, maybe forwarding would work well enough for what you need/want and what they need/want (ref).

If that be the case would the following solution should be good?

1. Use an (external) IP outside firewall.
2. Make 'A' and 'MX' entries in the DNS server.

<snip>
mydomain.com. 14400 IN A 216.34.94.184
newserver.mydomain.com. 14400 IN A 216.34.94.185
mydomain.com. 14400 IN MX 30 mydomain.com.
subdomain.mydomain.com. 14400 IN MX 30 newserver.mydomain.com.
</snip>

Then 'newserver.mydomain.com' should be both web and mail server.

Is this true?

I think that should be okay, you could also add a www.subdomain.mydomain.com. record if it will be a webserver. (btw - I usually try to use example.com, since it is there for that purpose).

I would expect network security problems for neither those dns records nor your proposed setup.

But I remember reading that if we have both subdomain.example.com and www.subdomain.example.com, we need to configure the Apache settings as well. Is that true? I guess just an alias would do the same to the addtional www. URL.

I would be interested to see such information, Considering that the dns stuff is typically just something to help humans get the right computer, it should not matter at all.

I tried digging it again, but I couldn't locate it so far. Till I find, I'd agree with you. Probably even after that. What you say makes sense.

Thanks a lot for the help.

Dear Friend,
I have configured mail server by using postfix with domain linux.com.
Now I need to configure a sub domain let say newmail.linux.com. How can I configure it. if you can help me please... Also if you tell me where I can get documents for configuring sub-domains that gud.
Thanks a lot.
HARI.

Is this the only domain that this server is serving? If so, just follow any howto for setting up postfix. Start at www.postfix.org.

If you are planning to have multiple domains on this server, you need to decide what sort of configuration you want - virtual domains and users of unix users, etc. Again, do some reading at the postfix site.