SysAdmin |
|---|
| ||||||||||
|
|
Version 5.2 |
||||||||||||||||||||||||||||||||
|
|
Each E-mail or Signal address consists of two strings: a domain name and a local part. Usually, an address looks like xxxx@yyyyy, where yyyyy is the domain name (the unique name of the recipient mail system) and xxxx is the local part, i.e. a user name or an account name in that system.
When the Router parses an address, it extracts the name of the system the message should be delivered to. It becomes the domain name part of the address. The rest of the address is placed into the local part, i.e. the local part defines the recipient when the message or the signal is delivered to the system specified with the domain name. In the examples above, the domain name part is zzzz, while the local part is xxxx@yyyyy.
See the RFC822 and related documents for details on E-mail address formats.
If a local part contains a complex address (i.e. the local part itself contains domain name(s) and a local part), the local part is presented using the '%' notation: local%domain1%domain2, so the full address in the CommuniGate Pro canonical form would be local%domain1%domain2@domain.
When the domain name is extracted from an address, the Router compares
it against the domain name of the Server (set in the General
settings). If they match, the domain name is set to an empty string. When
the domain part becomes an empty string, the Router restarts processing
with the local part, trying to divide it into the domain and local parts
again.
For example, if the Main Domain name of your Server is company.com, then the
following addresses will be converted as shown:
| Address | local part | domain part |
|---|---|---|
| support@company.com | support | company.com |
| -- routed --> | support | |
| <@company.com:sales@example.com> | sales@example.com | company.com |
| -- routed --> | sales@example.com | |
| -- routed --> | sales | example.com |
Your Server can support many independent Domains in addition to the Main Server Domain.
In order to process Messages and Signals directed to your Server Domains, you should ensure that the Messages sent to that domain are directed to your Server with the global DNS system.
Example 1: your server (example.com) serves the example.com Domain and a parteners-example.com Domain. Make sure that DNS MX records are created for both Domains, and that those records point to your example.com Server.
Example 2: your server (example.com) acts as an "Remote POP" mail host
relay for some client systems. Each client
has its own domain name (client1.com, client2.com, and client3.com), and
you have configured your Router to ensure that all E-mails sent to the
client1.com domain will be routed to the Unified Domain-Wide Account client1, etc.
You should also ensure that when an E-mail is sent to the client1.com domain,
that E-mail is routed to your server (example.com). The client1.com MX record should
be created in the DNS system and that record should point to your Server (example.com).
When an address is parsed and its domain part is extracted, the Router checks the routing records in the Routing Table.
Use the WebAdmin Interface to manage the Routing Table. Open the Router page in the Settings realm:
Each line in the Routing Table is a routing record. A routing record contains optional prefixes, a left part, the equals (=) symbol and a right part. The semicolon (;) symbol can be used to place a comment after the right part of a routing record. A comment line can be added to the Table by inserting a line starting with the semicolon symbol.
The Router takes a parsed address (i.e. the domain and local parts of the address) and uses the Table, scanning its records from top to bottom. If an applicable record is found, it is applied as described below and the modified address is processed with the Router again.
A Routing record can contain a Relay-mode prefix: Relay: (can be shorten to R:),
NoRelay: (can be shorten to N:), or RelayAll:.
See the Protection section for the details.
If none of these prefixes is specified, the NoRelay: prefix is assumed.
The left part of a Routing record contains a Sample: a string with an optional wildcard.
The following wildcards are supported:The backslash (\) symbol is used as an escape symbol: \\ is processed as a single backslash symbol, \* is processed as an asterisk symbol, etc.
Only one wildcard symbol is allowed in a sample.
The right part of a Routing record contains a Route: a string with an optional * wildcard.
When the Record Sample matches an address, the address is changed to the Record Route. The substring matching the Sample wildcard substitutes the Route wildcard.
The backslash (\) symbol is used as an escape symbol: \\ is processed as a single backslash symbol, \* is processed as an asterisk symbol, etc.
Only one wildcard symbol is allowed in a Route.
If the left part of a Routing record contains a domain name, the record specifies domain-level routing.
When some address is being processed and the domain name matches a domain name specified in such a record, the domain part is substituted with the right part of the routing record.
A routing path can specify relays.
If E-mails and Signals to several domains should be routed in the same or similar way, you may use the asterisk (*) symbol as the wildcard symbol.
Very often this type of routing is used to process all subdomains of the some domain.
Besides domain-level routing records, routing for domains can be specified
using account-level records (see below).
Records for Unified Domain-Wide Accounts are domain-level routing records, too.
If the left part of a routing record contains an address in the angle brackets (< and >), the record is an Account-level record - a routing rule for a specific address.
When an address is parsed and the Router scans the Table records, it compares the address domain part with the domain part of all Account-Level routing records.
If the domain parts match, the Router compares the local part of the address with the local part of the account-level record address. If both domain and local parts match, the right part of the account-level routing record is used as the new address. The Router restarts, parsing and processing this new address.
Note: Because the Server Main Domain Name in the parsed address is immediately replaced with an empty string, account-level records that should apply to addresses in the Main Domain should not contain any domain part at all.
In the all examples below mycompany.com is the Server Main Domain name.
The right side of an account-level record can be any address.
You can use the wildcard symbol (*) in the local part of account-level records. The same symbol can be used in any part of the right-side address to specify substring substitution.
You can use Router account-level records to reroute E-mails and Signals sent to some of the your Server Secondary Domains. In the following example, the client.com is a local Secondary Domain.
In most cases you do not have to use account-level Router Records: if you need to provide an alternative name some Account, use Account Aliases instead. If you need to re-route all E-mails and Signals sent to some name in a local Server Domain to some other address, use Forwarders instead.
You may need to create an alias for a specific account on a foreign system. For example, if all E-mail sent to some domain should be routed to a specific mail host or to a unified account, but certain accounts in that domain should be routed to accounts on your or other systems.
The wildcard symbol (*) can be used only in the local part of the full account name (i.e. it can be used before the @ symbol).
You can use the wildcard feature to host several domains in one CommuniGate Pro Domain creating a unique "address space" for each domain name.
This method can be used when you do not want to create full-scale CommuniGate Pro Domains for many domains containing very few Accounts.
Account-level records can use wildcard symbol (*) as the domain part. This records are applied to the addresses that contain any local Domain (i.e. a Domain created on this CommuniGate Pro Server or Cluster). The right-side address of such record specifies an address in the same local Domain.
If the right-side address contains a domain part, the address is routed to that domain.
The local part of the left-side address can contain a wildcard (as in regular account-level records). The string matching this wildcard symbol can be used in the right-side address.
If the domain part of an address is NULL, or if the domain name part is empty, and the local part is NULL, the address is directed to a fictitious internal "Black hole" module.
When an E-mail message is routed to the "Black hole", the address is marked as "delivered" immediately, without any additional processing.
This feature allows you to use a local name NULL or the domain NULL as a "black hole" address: all messages sent to that address are just discarded. The MAILER-DAEMON address is automatically rerouted to NULL.
If the domain name part of an address is ERROR, or if the domain name part is empty, and the local name part is ERROR, the address is rejected without processing, generating an error report/response.
If the domain name part of an address is BlackListed, or if the domain name part is empty, and the local name part is BlackListed , the address is rejected without processing, generating the "Blacklisted Address" error report. See the SMTP module description for the details.
If the domain name part is empty, and the local name part is spamtrap, routing stops. Addresses of that type are rejected as the ERROR addresses, but the SMTP module processes them in a special manner. See the Protection section for the details.
If the domain name part is empty, and the local name part is incomplete, routing stops. Signals sent to these addresses are rejected with the "Address Incomplete" error code.
If the domain name part ends with the symbols .here, this suffix is removed, and the remaining part of the domain name is used as the name of a local CommuniGate Pro Domain. This suffix allows you to avoid routing loops in certain situations.
After all Routing Table records are applied, the Router checks if the domain name part ends with the .via suffix. The suffix is removed, and the domain name is used as the target host name, and the local part of the address is used as the address to pass to that host. The address is routed to the SIP module for Signal operation, or to the SMTP module for E-mail transfer and access operations.
Note: addresses in the sales.company.com domain will be relayed with the domain part
removed, i.e. the address <user@sales.company.com> will be relayed to sales.company.com host as <user>.
This may cause troubles if the sales.company.com server does not accept addresses without domains. See the next sample for a possible solution.
Note: You can specify just host.com instead of host.com.via here (given there is no other router record for host.com), but in this case mail to user@client1.com will be sent to the host.com as user%client1.com@host.com. By specifying the .via suffix you not only tell the Router to route the address to a relaying module, but you also force that module to send only the local part of the address to the remote server.
| Address Processing without the .via suffix | ||
|---|---|---|
| user @ client1.host | Router converts to | user%client1.host @ relay |
| user%client1.host @ relay | Router converts to | user%client1.host @ host.com |
| user%client1.host @ host.com | Router stops | no rule for host.com |
| user%client1.host @ host.com | Router accepts | for SIP/SMTP host.com host as user%client1.host@host.com |
| Address Processing with the .via suffix | ||
| user @ client1.host | Router converts to | user%client1.host @ relay |
| user%client1.host @ relay | Router converts to | user%client1.host @ host.com.via |
| user%client1.host @ host.com.via | Router accepts | for host.com as user@client1.host |
If the domain part of the address contains the .via suffix, the module checks the last domain name part after removing this suffix. If that part is a number, the dot (.) symbol separating this part is changed to the colon (:) symbol:
host.domain.dom.26.via --> host.domain.dom:26 When the domain name contains a colon symbol, the SIP and SMTP modules:The Router also checks if the domain part of the address ends with the .relay suffix.
This suffix is removed and the resulting domain name is used as the target host name (after changing
the optional port name separator to the colon symbol).
This domain name (after removal of the optional port name and its separator) is added to the local name, using the
@ symbol as the separator.
Many Signals (especially phone calls) should be handled with the "stock" or custom Real-Time Applications. To Route a Signal to an Application you need to specify the Application name and, separated with the hash (#) symbol, the name of the Account that will be used to run the application:
You can specify the application parameters by adding them after the application name, enclosed into the { and } brackets and separated with the comma (,) symbol.
The wildcards in the right part of a Router record are substituted before any processing begins, so you can use the wildcard value as the application parameter.
If the domain part of an address is telnum, the address local part is processed as a E.164 phone number.
The following steps are taken by the Router before it applies its Routing Table(s) and other routing methods:If the phone number is not rerouted by any of the above methods, the Router processes it as a regular address.
To add a ENUM domain, enter its name into the empty field, and click the Update button.
To remove a ENUM domain, remove its name from the field and click the Update button.
Domains are used in the specified order.
See the PSTN section to learn more about PSTN and telephone number routing.
After all Routing Table records are applied, the Router checks if the domain name is actually an IP address. If the IP-address domain name is not enclosed into the square brackets, the Router encloses it: user@10.34.45.67 is converted into user@[10.34.45.67]. This allows you to specify Routing Table records for IP addresses assuming that the address is always enclosed into square brackets.
For IP addresses enclosed in square brackets, the Router checks if the IP address is assigned to one of this Server Domains. If a Domain is found, the IP address is substituted with that Domain name. If the IP address is the IP address of the Server Main Domain, an empty string is placed into the domain name part, and the Router makes the next iteration after parsing the local name part of the address.
If an IP address is not assigned to a local Domain, the Router processes the
[10.34.45.67] domain name as the 10.34.45.67.default_port.via name:
the Router sends the address to the SIP or SMTP module, cutting off the domain part and using it as the host name
to relay to.
If no Routing Table record can be applied to an address, and the address is not a special address or an IP address of a local domain, the Router calls each communication module requesting a routing operation.
Each module looks at the address passed and can:If a module has modified an address, the Router makes a new iteration, repeating all steps for the new, modified address.
If the Router is called from the Message Enqueuer component, and a module has accepted the address, the message is enqueued to this module for delivery.
If the Router is called from the Signal component, and a module has accepted the address, the Signal Request is sent to this module for processing.
Each module is called twice. First, the Router calls each module asking to process "obvious" addresses. On this call the modules process only the addresses that are definitely directed to that module: the SMTP module processes addresses with the domain part ending with .smtp, the LIST module processes the addresses of the exiting mailing lists, etc.
If all modules have ignored an address, the Router calls each module again, asking for a "final" attempt. On that stage, the Local Delivery module processes all addresses directed to local domains, the SIP module accepts all signal-type addresses, the SMTP module processes all addresses with domain names that have at least one dot, etc.
This two-step method allows several modules to correctly process addresses without relying to a particular module call order. If each module would process an address in one step, listname@domainname addresses (that look like Local account addresses), would be rejected with the Local Delivery module if it is called before the LIST module, user@accountName.local addresses would be taken with the SMTP module instead of the Local Delivery module, etc.
See the module descriptions for the details.
After all Routing Table records are applied, the Router checks if the domain name is the external string. In this case, the domain part is cut off, and the local part is passed to the External Authenticator program.
The external program can use any method to process the supplied address, and it should return a modified address or an error code.
If a modified address is returned, the Router makes the next iteration with this new address.
If a Signal is sent to 0115556666@local.domain.dom, where local.domain.dom is a local Domain, the address will be rerouted to tele-5556666@external and the External Helper will receive a request to route the tele-5556666 address.
The Router supports DNS-based routing for telephone numbers. This method is usually applied to E.164 numbers - telephone numbers starting with the plus symbol followed with the country code, area code, and the local number.
If the domain name has the .enum suffix, then the Router:The Router restarts, processing the found mapping string as the new destination address.
If the DNS search returns the "unknown host name" error, the .enum domain name suffix is replaced with the .noenum suffix, and the Router restarts to process the modified address.
When the server is first installed, the following records are placed into the Routing Table:
All these default records can be modified or removed, if needed.
Users working on sites that have many different Servers (server1.myorg.org, server2.myorg.org, server3.myorg.org) tend to use addresses with non-qualified domain names (user@server1, user@server2, user@server3). When you have only few servers in your myorg.org "upper level" domain, you can "fix" those addresses by specifying several Router Table records:
server1 = server1.myorg.orgIf you have many servers in your myorg.org "upper level" domain, it becomes impossible to provide Router Table records for all of them. In this case you may want to enable the Add myorg.org to Non-Qualified Domain Names option. If this option is enabled, and an address cannot be routed using CommuniGate Pro Router Table and Modules, and the domain part of the address does not contain a dot symbol, the specified string (myorg.org) is added to the address domain name (separated with the dot symbol). The address user@someserver will be converted to the user@someserver.myorg.org address and the Router will try to route this new, corrected address.
Note: It is a very bad practice to use non-qualified domain names in E-mail or Signal addresses. Enable this option only if you can not enforce a policy that requires your users to specify correct, fully-qualified domain names in all addresses they use.
When the CommuniGate Pro Server detects that a message or a signal should be directed to some name in one of the Server local domains, these records are checked. If the local part of the address matches the Local Address field in one of these records, the address is rerouted to the address specified in the Reroute To field.
If, for example, the abuse and postmaster@maindomain.dom addresses are entered into the All-Domain Aliases table (as shown above), then all messages directed to any abuse@domain.dom address (where domain.com is one of the CommuniGate Pro Domains) are rerouted to the postmaster@maindomain.com.
Note: it is very easy to create routing loops using these records: if you enterYou can use wildcard (*) symbols in these fields.
For example, you may want to create a "dial plan" for your organization that has 10 different departments, each served with its own Domain:
If Accounts in each Domain have aliases in the 200-299 range, then the users can call other users
within the same Domain by dialing the 2xx number.
They dial the 91 prefix (a 912xx number) to reach users in the domain1.com Domain.
They will use the 92 prefix to reach users in the domain2.com Domain, etc.
The CommuniGate Pro Dynamic Cluster maintains the Cluster-Wide Routing Table. When you open the Router WebAdmin page on any Cluster member, you see the link that opens a Cluster-Wide Routing Table page. All modifications made to this Table are automatically propagated to all Cluster Members.
The Cluster-Wide Router Table is processed as an extension of the Server Router Table: the Cluster-Wide Router Table records are checked when no Server Router Table record can be applied.