Re: [EXIM] vhosts > Russ Paton <russ@thumbs.org> probably sa…

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Stuart Lynne
Data:  
Para: exim-users
Asunto: Re: [EXIM] vhosts > Russ Paton <russ@thumbs.org> probably said:
> > Tim apparently said: -
> > > What are the steps needed to accept mail for several virtual domains?
> > Under the /usr/exim/configure file add the following: -
> >
> > local_domains = lsearch;/usr/exim/table/local.dom
> > local_domains_include_host_literals = true
> > local_interfaces = ipaddress:127.0.0.1
> >
> > And then add the your virtual hosts to be accepted into
> > /usr/exim/table/local.dom
> >
> > That should sort you out with Virtual domains
>
> Thats making more domains local, this is not what is traditionally
> meant by "virtual domains".
>
> If I host a domain foo.dom on my machine as a virtual domain I expect it
> to be completely virtual and seperate from other mail domains that end
> up on my machine. pir@??? may or may not be me ...


And of course it is possible to do a very interesting solution to
this using LDAP.

Selected portions of my configuration using LDAP:

    # Routers entries


    # ensure we don't attempt delivery unless MX points to this host
    lookuphost:
      driver = lookuphost,
      self = fail_soft,
      transport = smtp;           


    # punt to director if MX points to this host
    self:
      driver = lookuphost,
      self = local,
      transport = smtp;                    


    # Director entries

        
    # lookup virtual users in directory IFF MX matches "virtual..fireplug.net"
    virtual_fireplug_net_aliasfile_ldap:
      condition = "${if match{$self_hostname}{virtual..fireplug.net}{$domain}}"
      driver = aliasfile;
      search_type = ldap,
      expand,
      errors_to = sl@???
      queries = "ldap:://wilt.fireplug.net/?mailforwardingaddress?sub?(&(mail=$local_part@$domain)(ou=accounts)):\
        ldap:://wilt.fireplug.net/?mailforwardingaddress?sub?(&(mail=\\\\2a@$domain)(ou=accounts))"

                    
    # specify vacation processing IFF prefix of address is "vacation-"
    vacation_prefix:
      condition = "${if match{$local_part}{.*%.*}{$domain}}"
      driver = smartuser
      prefix = "vacation-"
      transport = vacation_delivery
      new_address = "${if match{$local_part}{(.*)%.*}{$1}{$domain}}@${if match{$local_part}{.*%(.*)}{$1}{$domain}}"

                    
    # specify delivery to pop mailbox IFF prefix of address is "pop-"
    pop_prefix:
      condition = "${if match{$local_part}{.*%.*}{$domain}}"
      prefix = "pop-"
      driver = smartuser,
      transport = pop_delivery;
      new_address = "${if match{$local_part}{(.*)%.*}{$1}{$domain}}@${if match{$local_part}{.*%(.*)}{$1}{$domain}}"


    # specify delivery to imap mailbox IFF prefix of address is "imap-"
    imap_prefix:
      condition = "${if match{$local_part}{.*%.*}{$domain}}"
      prefix = "imap-"
      driver = smartuser,
      transport = imap_delivery;
      new_address = "${if match{$local_part}{(.*)%.*}{$1}{$domain}}@${if match{$local_part}{.*%(.*)}{$1}{$domain}}"



    # Transport entries


    # perform delivery to pop mailbox 
    pop_delivery:
      driver = appendfile;
      #create_directory,
      from_hack,
      file = /var/mail/${domain}/${lc:$local_part},
      user = mail,
      group = mail,                               


    # perform delivery to imap mailbox 
    imap_delivery:
      driver = appendfile;
      no_from_hack,
      prefix = "",
      suffix = "",
      maildir_format,
      create_directory,
      directory = "/var/imap/${domain}/${length_2:${lc:$local_part}}/${lc:$local_part}/INBOX",
      user = mail,
      group = mail,            


    # perform vacation processing
    vacation_delivery:
      driver = autoreply
      file = /etc/exim/vacation-msg.txt
      file_optional
      user = mail
      group = mail
      to = $sender_address
      subject = "Autoreply: Vacation message for ${local_part}@${domain}"
      headers = "Mime-Version: 1.0\nContent-Type: multipart/mixed; boundary=\"m1Stw9KgbdL9/HM9\""
      text = "--m1Stw9KgbdL9/HM9\nContent-Type: text/plain; charset=us-ascii\n\
    Content-Disposition: attachment; filename=\"${local_part}@${domain} vacation message\"\n\
    \n\n${expand:${lookup ldap\
    {ldap://src.fireplug.net/?mailAutoReplyText?sub?(&(mail=${local_part}@${domain})(ou=accounts))}{$value}{}}}\n\
    \n--\n${local_part}@${domain}\n\n"
      log = "/var/mail/${domain}/${local_part}_vlog"
      once = "/var/mail/${domain}/${local_part}_vdb"

                                    

To use this we have LDAP entries for each user that look something like:

    bjectclass: top
    objectclass: account
    objectclass: mailRecipient
    objectclass: fireMessagingUser
    objectclass: person
    objectclass: organizationalPerson
    objectclass: inetorgPerson
    objectclass: fireNewsAccess
    uid: richard@???
    mail: richard@???
    mailforwardingaddress: richard@???
    mailforwardingaddress: vacation-richard%fireplug.net@???
    mailforwardingaddress: richard%fireplug.net@???
    userpassword: abcedfg
    cn: richard
    sn: richard
    mailautoreplytext: I'm on vacation


The exim ldap lookup simply finds the entry based on the mail attribute
and returns the mailforwardingaddress attribute value.

This can take several forms and is multi-valued. For example:

    richard@???
        deliver somewhere else, in this case to another
        address on another server


    pop-richard%big-cats.com@???
        deliver into pop mailbox in virtual host directory
        for big-cats.com on server popserver.fireplug.net


    vacation-richard%big-cats.com@???
        perform vacation processing for user


This setup has the interesting property that we can setup multiple
mailbox servers with identical configuration files that will all
deliver mail to mailboxes they are told to deliver to or will forward
to the correct server for the mailbox. All of the interesting
information about where to deliver mail for a user is in the LDAP
server database.

In other words, not only can a single host act as a server for
multiple virtual domains, but all of the virtual domains can have
mailboxes spread across a number of physical servers.


-- 
Stuart Lynne <sl@???>      604-916-4741      <http://www.poste.com>
PGP Fingerprint: 28 E2 A0 15 99 62 9A 00  88 EC A3 EE 2D 1C 15 68


--
*** Exim information can be found at http://www.exim.org/ ***