Migrate our mail server to google apps - repost


We are a company with about 25 user accounts and about 36 GB of mail

data (including cyrus squatter indexes).

Our mail is currently served by a Centos4 mail server with postfix as MTA and

cyrus as backend. Our users access their mail via secured IMAP (TLS) or via

squirrelmail (https). Our users and their passwords are stored in an openldap

server. Postfix, cyrus imap and openldap used are the from latest version from

Centos 4. We use a combination of spamassassin, clamav and sagator to reject

spam and viruses. We also have a mailman service for about 30 mailing-lists

that have no more than 15 recipients each.

We have a 4Mb/s SDLS connexion to Internet.

Our server is reaching its limits (both storagewise and CPUwise) and instead

of upgrading it, we would like to move to google apps (Premier Edition).

We would like to continue using our ldap database as main user and password

database and thus would like to integrate google apps with our existing

IT infrastructure. This is possible with the Premier Edition provisioning

API. Ideally, the solution proposed will use the python interface to

google apps provisioning. ([url removed, login to view])

We are looking for someone to write the sync script and manage our move.

This is a repost: twice in a row, our provider 'vanished' and stopped

answering our emails. We really want someone serious please.

Here are the details of some of our most important requirements:


Trivial, but worth saying:


a) our users should keep all their existing mails (ie mail will have to be synced)

b) our users should be able to access their mails through IMAP (SSL or TLS)

with their thunderbird clients as well as with the google web interface

c) our users should continue to get mail for different domains (john _at_ [url removed, login to view] and

john _at_ [url removed, login to view] should both work) on the same account

d) We might want to introduce a third domain (john _at_ [url removed, login to view] and john _at_ [url removed, login to view]

and john _at_ [url removed, login to view] should all work)

Actually requires work:


e) The login name should be lastname of the user (as we do with our ldap) possibly

followed by an _at_ [url removed, login to view] if required by google.

The accounts to be created/updated are in the following ldap groups only

* ou=people,dc=a9english,dc=com

* ou=shared_mail,dc=a9english,dc=com

f) Creation of a user in ldap should also create the associated mailbox and configuration on google apps

g) The google passwords should be our ldap passwords. Pushing our ldap passwords

to google once every hour (if required, as can be checked by googlePassLastChg) looks

possible and is sufficient for us.

Our ldap server uses "password-hash {MD5}" so that the existing hashed can

be pushed directly to google without anyone needing the cleartext passwords.

More info can be found here under "MD5":

[url removed, login to view]

This means that if a user changes their ldap password, the google password should

be updated too (within a few hours of the change is OK).

h) Some users have special aliases (like johnny _at_ [url removed, login to view] -> john _at_ [url removed, login to view])

Such aliases are listed in a text file and could be either synced by the sync script

or added manually once and for all.

i) our users should be able to get both firstname _at_ [url removed, login to view] and lastname _at_ [url removed, login to view]

mails (This is just an alias that should be setup automatically by the sync script).

j) The transition should ideally take place during a weekend (Paris time) and no mails should be lost.

Maybe we can do an incremental update via IMAP (for many days if needed) so

that most of the old mails would be there by the migration date and the weekend

migration would only be copying the 'new' mails to google apps.

k) We want to be able to continue to use our existing mailing-lists (either self-hosted or via google apps)

The setup could be done manually. Our about 30 mailing-lists have no more than 15 recipients each.

l) a special alias 'everybody _at_ [url removed, login to view]' should send mail to everybody (with a valid ldap account)

meaning that if a new user is added she should get the mails too.

m) some special aliases should be created/updated based on ldap group membership. Eg as long as a

user is in the ldap group 'accounting' they should receive mails sent to 'accounting _at_ [url removed, login to view]'

Would be great if we could find a way to have it work:


n) Ideally, hyphen-addressing should continue to work, ie one user 'john _at_ [url removed, login to view]' should be

able to give any address of the form 'john-anything _at_ [url removed, login to view]' and get their mail

automatically in their mailbox

We know that google supports plus-adressing

[url removed, login to view]

but our users hate it since many websites refuse the "+" in email adresses. So

we really would like to continue to use hyphen-addressing.

Some options that might be worth investigating include:

* Try to use a catchall adress and "to things" with those mails

* Try to use the filers API (automatically setup by the sync script)

* Keep a front mail server somewhere that would to adress rewriting while we

give time to our users to change their (many) hyphen-addresses

Here are the ressources that we will provide:


- A technically knowledgeable contact

- A mail account at gymglish - for tests

- A user shell account on the mail server to code/test/run data transfer tasks...

- A read-only ldap account with full access to the ldap data

- Administrative access to our existing google apps premier edition account until

the first mails are about to be synced.

- Installation of newer libraries on the server if required. We currently have

python-2.3.4 (from Centos 4)


[url removed, login to view]

- Archive of previous discussions with a freelance (who did not complete the

job unfortunately)

- When we will have to sync the mails from our IMAP server to Google, we will

ask each individual user to enter their password into the sync script.

A tgz file with our current configuration files is also available upon request.

What I expect:


1) understanding of our situation and critical analysis of our requirements (maybe I forgot something

important !). If some requirements are not (or do not seem) possible, discussion with me to find

the best workaround

2) google apps sync script and detailed technical documentation on HOW to do the move. Should we have a problem, the

'rollback' procedure should be clear too.

3) Help with the actual move

Each step should be validated by me prior to taking the next step.

Best regards,


NOTE2: Our specs mean that a user "john doze" with special alias johnny should be able to read

their mails sent the following addresses from the same account:

john _at_ [url removed, login to view]

doze _at_ [url removed, login to view]

johnny _at_ [url removed, login to view]

john _at_ [url removed, login to view]

doze _at_ [url removed, login to view]

johnny _at_ [url removed, login to view]

john _at_ [url removed, login to view]

doze _at_ [url removed, login to view]

johnny _at_ [url removed, login to view]

john-anything _at_ [url removed, login to view]

doze-anything _at_ [url removed, login to view]

john-anything _at_ [url removed, login to view]

doze-anything _at_ [url removed, login to view]

john-anything _at_ [url removed, login to view]

doze-anything _at_ [url removed, login to view]

doze+anything _at_ [url removed, login to view]

doze+anything _at_ [url removed, login to view]

doze+anything _at_ [url removed, login to view]

Skills: Linux, Python, System Admin

See more: migrate postfix google apps, migrate self hosted imap server google, write tests freelance, write code freelance, write api freelance, write an e mail, work in google freelance, work freelance python, work as a freelance via internet, work as a freelance best websites, work apps freelance, what to freelance, what should i ask google, what's freelance work, what's freelance, what's a freelance job, what's a freelance, what is to freelance, what is google code, what is an apps script, what i d freelance, what freelance means, what do people freelance in, weekend update, weekend freelance

About the Employer:
( 9 reviews ) Paris, France

Project ID: #644717

10 freelancers are bidding on average $908 for this job


Kindly have a look at PM, Thanks.

$750 USD in 7 days
(92 Reviews)

I can do this for you, please check pm

$750 USD in 0 days
(69 Reviews)

I'm RHCE certified. 10 years of Linux experience. I always use python to do automated tasks so there is no problem with provisioning and syncing.

$1280 USD in 15 days
(1 Review)

I am Prakash from Sisoft Info Solutions, Delhi NCR, India ([url removed, login to view]). We are a team of highly skilled professionals including project managers, domain experts, designers, analyst programmers and quality assurance. More

$750 USD in 4 days
(1 Review)

I can do it.

$850 USD in 15 days
(2 Reviews)

Please see PM.

$1100 USD in 15 days
(3 Reviews)

Can be done, check PM for further details

$750 USD in 7 days
(0 Reviews)

Kindly check your PM. Regards, Amr Tawfik

$1000 USD in 10 days
(0 Reviews)

Please check PMB for more details.

$850 USD in 15 days
(0 Reviews)

IT Next is a consulting and information technology firm focusing Open source solutions from individual to corporate. We had three projects experience from Postfix to Google aps.

$1000 USD in 5 days
(0 Reviews)