Best way to combine Google for Work with postfix mail server / e-mail routing

Marek asked:

I am re-designing our company mail services, and we are migrating some mail-boxes to Google for Work. The objective is to have some users in the cloud, and some users on an on-premise Postfix server.

I have currently configured DNS with GMail MX records and configured GMail to forward all mail for unknown users to my Postfix server.

Whenever I send an e-mail from GMail (personal or business), the e-mail gets properly delivered to a correct Postfix mailbox. However, if I try to send e-mail from Postfix to GMail for Work user , I get an error message from Postfix.

Reporting-MTA: dns; glczwe-sp230001.ext.*filtered*
X-Postfix-Queue-ID: AFB0A86F24
X-Postfix-Sender: rfc822; [email protected]*filtered*
Arrival-Date: Tue,  9 Feb 2016 20:43:48 +0100 (CET)

Final-Recipient: rfc822; [email protected]*filtered*
Original-Recipient: rfc822;[email protected]*filtered*
Action: failed
Status: 5.1.1
Diagnostic-Code: x-unix; user unknown

Obviously, Postfix handles the domain, so it rejects the e-mail, because the account does not exist locally. I know I could list all the users in /etc/postfix/transport, however I am trying to think of a way that would be easier from a mailbox provisioning perspective. Having to touch both mail-servers, GMail and Postfix when creating new users on a GMail servers is a bit of a pain for my taste.

Does anybody have an idea about a solution for my problem? I believe ith might be very common scenario for all Google for Work users.

My answer:

The simplest solution is to run two mail servers on premise. One handles only incoming mail, while the other handles only outgoing mail and knows nothing of the first server.

View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.