Re: [EXIM] A more advanced hub/firewall config

Top Page
Delete this message
Reply to this message
Author: Philip Hazel
Date:  
To: Graham Leggett
CC: exim-users
Subject: Re: [EXIM] A more advanced hub/firewall config
On Thu, 12 Nov 1998, Graham Leggett wrote:

> What I'd like is a system where if mail arrives addressed to a domain
> whose MX points to the firewall, it is forwarded to the internal mail
> server. If mail arrives that is destined to an address whose MX does not
> point to the firewall, and it came from an approved sender who is
> allowed to relay, it should be sent direct to the host over the
> internet.
>
> Will the "bydns_mx" option do this for me in the route_list?


The easy way to do this is as follows:

1. As your *first* router, have the standard lookuphost router from the
default configuration, with the added option

self = fail_soft

This will handle all domains whose lowest numbered MX records do not
point to your host. If it hits a domain whose lowest numbered MX does
point to your host, the "self" option comes into play. That setting
causes it to pass the address on to the next router. (The default causes
it to generate an error.)

2. As your second (and last) router, set up a domainlist router that
sends everything to your internal mail server. That is, using an option
of the form

route_list = * internal.server byname


-- 
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.



--
*** Exim information can be found at http://www.exim.org/ ***