I will show you the G Suite magic about how you can use the Google Workspace Email to get maximum benefit !
What do we want;
i. Just one user only (one email address on G Suite, $ 6/month) for minimize cost
ii. Use unlimited email address via Google Server (relay)
iii. Use multiple domain(s) email addresses
iv. Use all of your own Webmail server to relay via Google
v. Unlimited email forwarding (domain only) via Google Server
vi. Google grade email protection
The above all features will cost you total six dollars per month.
So, I am here to instruct you.
Before start, check that all your existing Webmail systems are working properly
Step 1) Prepare your business name and primary domain
You have a primary business, register a domain name if your business doesn't have a website yet.
Step 2) Create a Google Workspace account
https://workspace.google.com/pricing.html
Get started with Google Workspace.
Step 3) Verify domain and set up DNS settings
Follow step by step instruction to activate Gmail on your custom domain. Configure DNS settings when required (Google verification TXT record, MX, SPF, DKIM).
Collect DKIM record from: G-Suite Admin console > Menu > Apps > Google Workspace > Gmail > Authenticate email
Now that, you have a primary/main all-in-one email address such as gmailrelay@businessdomain.com
Important ! Never create a catch-all rule individually for the main G-Suite user email address.
Incoming Mail Relay Method
Step 4) Add your own primary Webmail server first
Add your own primary business Webmail server (cPanel) Host/Route on Google Workspace.
i. G-Suite Admin console > Menu > Apps > Google Workspace > Gmail > Hosts
ii. Click "ADD ROUTE"
iii. In the Add mail route box, take the below steps:
iv. Name: Primary Webmail cPanel Server
v. Under "Specify email server" select "Single host"
vi. Provide your webmail server's hostname and port (must be 25 port)
vii. Under "Options" deselect all, and only keep selected the "Require mail to be transmitted via a secure (TLS) connection"
Important ! You must create a catch-all email address for each and every domain in your own Webmail server. (Example: catchall@businessdomain.com, catchall@seconddomain.com, etc.)
Step 5) Set up incoming mail dual delivery - Gmail as primary server
Assume that, you have one email address in G-Suite Google server, and the other email addresses (100 or more) configured in your own primary cPanel Webmail server.
So, you will setup incoming mail first delivery to Google server (where one primary email address will receive incoming mail) and additionally, Google will redirect/relay as second delivery to your own primary cPanel Webmail server (where other email addresses will receive incoming mail) as dual delivery.
i. G-Suite Admin console > Menu > Apps > Google Workspace > Gmail > Routing
ii. On the Routing tab, click Configure/Add Another Rule
iii. In the Add setting box, take the below steps:
iv. Enter a name in Routing: Relay delivery to cPanel for businessdomain.com
v. Under the Email messages to affect, select Inbound and Internal - Receiving
vi. Under the For the above types of messages, do the following, select Modify message
vii. Under the Modify message, Scroll to Also Deliver to, and check the Add more recipients box
viii. Beneath the Recipients table, click Add. The Add setting box appears
ix. Under the Add setting box, select Advanced (not Basic)
x. Beneath Route, check the Change route box
xi. Beneath Change route, select the webmail server you added on Hosts route, Primary Webmail cPanel Server (not Normal Routing)
xii. Beneath Spam and delivery options, uncheck/deselect the Do not deliver spam to this recipient, and keep checked/selected the Suppress bounces from this recipient
xiii. Click SAVE and the new route appears in the Recipients table,
and also, we are already backed again under the Modify message section
xiv. Scroll to bottom and click Show options, more options will appear under the Hide options
xv. Under the Account types to affect, select/check Users and Unrecognized / Catch-all, and uncheck/deselect Groups
xvi. Under the Envelope filter, select Only affect specific envelope recipients, and then select Pattern match (not Single email address)
xvii. Under the Pattern match, enter a Regexp [\w-]+@businessdomain.com($)|[\w-]+@BUSINESSDOMAIN.COM($)
xviii. Finally, click SAVE
Now the primary business domain's email setup is done. You can now receive email to your primary business Webmail server, via Google Server.
Step 6) Configure additional domain from your primary cPanel Webmail server
G-Suite Admin console > Menu > Account > Domains > Manage domains > Add a domain
Enter the domain name: seconddomain.com
Select a domain type: User alias domain
Add domain & start verification, also complete the DNS settings (Google verification TXT record, MX, SPF, DKIM)
Collect DKIM record from: G-Suite Admin console > Menu > Apps > Google Workspace > Gmail > Authenticate email
i. G-Suite Admin console > Menu > Apps > Google Workspace > Gmail > Routing
ii. On the Routing tab, click Add Another Rule/Configure
iii. In the Add setting box, take the below steps:
iv. Enter a name in Routing: Relay delivery to cPanel for seconddomain.com
v. Under the Email messages to affect, select Inbound and Internal - Receiving
vi. Under the For the above types of messages, do the following, select Modify message
vii. Under the Modify message, Scroll to Also Deliver to, and check the Add more recipients box
viii. Beneath the Recipients table, click Add. The Add setting box appears
ix. Under the Add setting box, select Advanced (not Basic)
x. Beneath Route, check the Change route box
xi. Beneath Change route, select the webmail server you added on Hosts route, Primary Webmail cPanel Server (not Normal Routing)
xii. Beneath Spam and delivery options, uncheck/deselect the Do not deliver spam to this recipient, and keep checked/selected the Suppress bounces from this recipient
xiii. Click SAVE and the new route appears in the Recipients table,
and also, we are already backed again under the Modify message section
xiv. Scroll to bottom and click Show options, more options will appear under the Hide options
xv. Under the Account types to affect, select/check Users and Unrecognized / Catch-all, and uncheck/deselect Groups
xvi. Under the Envelope filter, select Only affect specific envelope recipients, and then select Pattern match (not Single email address)
xvii. Under the Pattern match, enter a Regexp [\w-]+@seconddomain.com($)|[\w-]+@SECONDDOMAIN.COM($)
xviii. Finally, click SAVE
Step 7) Add your own secondary Webmail server if available
Add your own secondary Webmail server (DirectAdmin/Plesk/Virtualmin) Host/Route on Google Workspace.
i. G-Suite Admin console > Menu > Apps > Google Workspace > Gmail > Hosts
ii. Click "ADD ROUTE"
iii. In the Add mail route box, take the below steps:
iv. Name: Secondary Webmail Virtualmin Server
v. Under "Specify email server" select "Single host"
vi. Provide your webmail server's hostname and port (must be 25 port)
vii. Under "Options" deselect all, and only keep selected the "Require mail to be transmitted via a secure (TLS) connection"
Step 8) Configure additional domain from your secondary Virtualmin Webmail server
G-Suite Admin console > Menu > Account > Domains > Manage domains > Add a domain
Enter the domain name: thirddomain.com
Select a domain type: User alias domain
Add domain & start verification, also complete the DNS settings (Google verification TXT record, MX, SPF, DKIM)
Collect DKIM record from: G-Suite Admin console > Menu > Apps > Google Workspace > Gmail > Authenticate email
i. G-Suite Admin console > Menu > Apps > Google Workspace > Gmail > Routing
ii. On the Routing tab, click Add Another Rule/Configure
iii. In the Add setting box, take the below steps:
iv. Enter a name in Routing: Relay delivery to Virtualmin for thirddomain.com
v. Under the Email messages to affect, select Inbound and Internal - Receiving
vi. Under the For the above types of messages, do the following, select Modify message
vii. Under the Modify message, Scroll to Also Deliver to, and check the Add more recipients box
viii. Beneath the Recipients table, click Add. The Add setting box appears
ix. Under the Add setting box, select Advanced (not Basic)
x. Beneath Route, check the Change route box
xi. Beneath Change route, select the webmail server you added on Hosts route, Secondary Webmail Virtualmin Server (not Normal Routing)
xii. Beneath Spam and delivery options, uncheck/deselect the Do not deliver spam to this recipient, and keep checked/selected the Suppress bounces from this recipient
xiii. Click SAVE and the new route appears in the Recipients table,
and also, we are already backed again under the Modify message section
xiv. Scroll to bottom and click Show options, more options will appear under the Hide options
xv. Under the Account types to affect, select/check Users and Unrecognized / Catch-all, and uncheck/deselect Groups
xvi. Under the Envelope filter, select Only affect specific envelope recipients, and then select Pattern match (not Single email address)
xvii. Under the Pattern match, enter a Regexp [\w-]+@thirddomain.com($)|[\w-]+@THIRDDOMAIN.COM($)
xviii. Finally, click SAVE
Step 9) Optional: Add forward only domain to G-Suite
You can setup additional domain, only for unlimited forwarding.
The forwarded emails will go to a free/standard Gmail.
Lets try it:
G-Suite Admin console > Menu > Account > Domains > Manage domains > Add a domain
Enter the domain name: forwardonlydomain.com
Select a domain type: User alias domain
Add domain & start verification, also complete the DNS settings (Google verification TXT record, MX, SPF, DKIM)
Collect DKIM record from: G-Suite Admin console > Menu > Apps > Google Workspace > Gmail > Authenticate email
i. G-Suite Admin console > Menu > Apps > Google Workspace > Gmail > Routing
ii. On the Routing tab, click Add Another Rule/Configure
iii. In the Add setting box, take the below steps:
iv. Enter a name in Routing: Catch-all for forwardonlydomain.com
v. Under the Email messages to affect, select Inbound and Internal - Receiving
vi. Under the For the above types of messages, do the following, select Modify message
vii. Under the Modify message, Scroll to Envelope recipient
viii. Beneath the Envelope Recipient, select/check Change envelope recipient
ix. Under the Change envelope recipient, select Replace recipient
x. Beneath Replace recipient, enter the alias email address as gmailrelay@forwardonlydomain.com
xi. Scroll to bottom and click Show options, more options will appear under the Hide options
xii. Under the Account types to affect, select/check Users and Unrecognized / Catch-all, and uncheck/deselect Groups
xiii. Under the Envelope filter, select Only affect specific envelope recipients, and then select Pattern match (not Single email address)
xiv. Under the Pattern match, enter a Regexp [\w-]+@forwardonlydomain.com($)|[\w-]+@FORWARDONLYDOMAIN.COM($)
xv. Finally, click SAVE
Now that, all email received at forwardonlydomain.com will be reach in the G-Suite main user email gmailrelay@businessdomain.com inbox. So, you have to create a filter in the main emailbox settings. But before creating the filter, you have to create a free Gmail to receive all forwarded mail.
xvi. Create and prepare the free Gmail. (Example: forwardonlydomainbox@gmail.com)
Add mail forwarding address forwardonlydomainbox@gmail.com in main G-Suite email's forward settings.
G-Suite Inbox > Settings > Forwarding and POP/IMAP > Add a forwarding address
Then create the email filter by following steps:
xvii. Login to main G-Suite user Gmail inbox in Standard mode
xviii. Click the Settings gear icon, and then click See all settings
xix. Click the Filters and Blocked Addresses tab
xx. Click Create a new filter
xxi. In the "To" field enter: @forwardonlydomain.com
xxii. Click Create filter
xxiii. Check/select Forward it to: forwardonlydomainbox@gmail.com
xxiv. Check/select Delete it
xxv. Finally click Create filter
Step 10) Test the all email routing for incoming mail
You can test now the incoming mail routing. Use an external email address such as Yahoo mail to test the routing.
Outgoing Mail Relay Method
Note: In G-Suite Manage Domains, add your own Webmail server(s) hostname's main domain first as an Alias-domain in G-Suite, and then add the hostname subdomain as an Alias-domain.
Additionally, make sure the Webmail server's all domains is already added in G-Suite and the DNS entry SPF, DKIM added.
Also, configure your Webmail sending limit as Gmail sending limit.
Current Gmail limit when I'm writing this blog on Nov 2023 is up to 2000 emails per 24-hour period and 100 recipients per message.
Step 11) cPanel Outgoing mail SMTP relay via Google Server
You must have access on WHM panel.
Make sure the Service SSL Certificate is valid (WHM Home > Service Configuration > Manage Service SSL Certificates) and the TLS port 587 is enabled in your cPanel server.
Let's configure in G-Suite panel first;
i. G-Suite Admin console > Menu > Apps > Google Workspace > Gmail > Routing
ii. Scroll to SMTP relay service and click Configure/Add Another Rule
iii. In the Add setting box, take the below steps:
iv. Enter a name in SMTP relay service: WHM cPanel SMTP Relay via Google
v. Under the Allowed senders, choose Only addresses in my domains
vi. Under the Authentication, check/select Only accept mail from the specified IP addresses
vii. Under the Only accept mail from the specified IP addresses, click ADD
viii. In the Add setting box, enter a name for this IP in description field (example: whm cpanel primary ip), and enter your cPanel server's main IP address (which is the hostname's A record), then SAVE
(Note: If you have more than one IP address in your cPanel server, you can add them here)
(Note: All your IPs added here must match the rDNS PTR record to the cPanel server's hostname)
(Note: Delete any other IPs which is not from your cPanel server)
ix. Under the Authentication, uncheck/deselect Require SMTP Authentication
x. Under Encryption, check/select Require TLS encryption
xi. Click SAVE
Remain configuration in WHM panel;
xii. Login to WHM (https://serverhostname:2087)
xiii. Home > Service Configuration > Exim Configuration Manager
xiv. Within the Basic Editor, click the Domains and IPs tab
xv. Make sure the Send mail from the account’s IP address option is disabled/Off
xvi. Within the Basic Editor, click the Mail tab
xvii. Within the Mail tab, look for Smarthost support
xviii. Enable Smarthost support, and enter * smtp-relay.gmail.com::587
xix. For the Smarthost requires SMTP authentication option, keep it disabled/Off
xx. Back to WHM Home > Service Configuration > Mailserver Configuration
xxi. Make sure the Allow Plaintext Authentication (from remote clients) is set to No
xxii. Make sure the SSL Minimum Protocol is set to TLSv1.2
xxiii. Back to WHM Home > Service Configuration > Exim Configuration Manager
xxiv. Within the Basic Editor, click the Security tab
xxv. Make sure the Allow weak SSL/TLS ciphers is set to Off
xxvi. Make sure the Require clients to connect with SSL or issue the STARTTLS command before they are allowed to authenticate with the server is set to On
The cPanel Mail Relay Configuration is Done. Test Outgoing now.
Step 12) Virtualmin (free hosting) Outgoing mail SMTP relay via Google server
You must have access on Webmin panel.
Make sure the Service SSL Certificate is valid (Webmin > Virtualmin > Select the Hostname subdomain > Server Configuration > SSL Certificate) and the TLS port 587 is enabled in your Webmin server.
Let's configure in G-Suite panel first;
i. G-Suite Admin console > Menu > Apps > Google Workspace > Gmail > Routing
ii. Scroll to SMTP relay service and click Configure/Add Another Rule
iii. In the Add setting box, take the below steps:
iv. Enter a name in SMTP relay service: Virtualmin SMTP Relay via Google
v. Under the Allowed senders, choose Only addresses in my domains
vi. Under the Authentication, check/select Only accept mail from the specified IP addresses
vii. Under the Only accept mail from the specified IP addresses, click ADD
viii. In the Add setting box, enter a name for this IP in description field (example: virtualmin primary ip), and enter your Virtualmin server's main IP address (which is the hostname's A record), then SAVE
(Note: If you have more than one IP address in your Virtualmin server, you can add them here)
(Note: All your IPs added here must match the rDNS PTR record to the Virtualmin server's hostname)
(Note: Delete any other IPs which is not from your Virtualmin server)
ix. Under the Authentication, uncheck/deselect Require SMTP Authentication
x. Under Encryption, check/select Require TLS encryption
xi. Click SAVE
Remain configuration in Virtualmin panel;
xii. Login to Webmin (https://serverhostname:10000)
xiii. Webmin > Servers > Postfix Mail Server
xiv. Within the Postfix Mail Server modules page, click on the SMTP Authentication And Encryption module
xv. Scroll below to the Enable TLS encryption? option, and select Always
xvi. Under the Send outgoing mail via host option, select custom and enter smtp-relay.gmail.com:587
xvii. Save and Apply
xviii. Back to Webmin > Servers > Postfix Mail Server
xix. Within the Postfix Mail Server modules page, click on the SMTP Client Options module
xx. Scroll below to the Use TLS for SMTP connections? option, and select Yes
xxi. Save and Apply
xxii. Back to Webmin > Servers > Postfix Mail Server
xxiii. Within the Postfix Mail Server modules page, scroll below and click Reload Configuration button
The Virtualmin Mail Relay Configuration is Done. Test Outgoing now.
<---------------------- :) --------------------->
Important ! Replace the domain name and email address name used in this blog to your own original names.
Post a Comment
Post a Comment