Wednesday, July 23, 2025

Migration of tens of users from office365 to mailcow

For a long time our company used hybrid mail setup, with regular developers having mailboxes on linux mail server (postfix) and manager types - on office365. As they share same domain, Office365 connectors are used. This setup enabled significant cost savings as only users requiring shared calendar or Microsoft Office license had to be put on office365.

Recently, the company decided to rebrand and change primary mail domain. All managers got another new mailbox and mailboxes on old domain no longer required office365 features.

To save costs, we decided to migrate the expensive mailboxes to Linux, but it turned out to be very hard task:

  • Outlook has no way to "export" mailboxes. PST (and NST) files are useless in this regard.
  • Paid options allowed backup and restore back to office365. Also, they prevented mailbox to be used during the backup.
  • New outlook requires IMAP accounts to be authenticated using Oauth protocol (citing security issues, usual EEE tactics). It also seems O365 is throttling IMAP connections (and favoring their proprietary MAPI/EAS protocols)

So we did the migration in several stages:

  1. Set up  Thunderbird (one profile per account), subscribe to all folders, switch to offline mode (that will cause it to download all subscribed folders). The Thunderbird keeps folders in mbox format, that might be converted into Maildir and served by dovecot
  2. Set up keycloak SSO with LDAP backend and mailcow client, to provide Oauth protocol
  3.  Imported the Thunderbird mailboxes into mailcow using custom scripts

 If there is interest in details of the solution above, or scripts used - post in comments.

1 comment:

Arie Skliarouk said...

Someone suggested much more efficient way to use Outlook's feature of exporting whole mailbox with all folders as PST file and then importing that PST using readpst tool on Linux.