Author: James P. Roberts
Date:
To: exim-users, Patrick Starrenburg
Subject: Re: [Exim] Redirecting SMTP session to different server based on RCPT address
> I am interested to see if this is feasible...
>
> I want to see if it is possible to redirect an SMTP communication from one MTA
> to another based on RCPT address.
> <snip>
> Is it possible - to / what platform would be required / has anyone done this /
> anyone have any ideas - have a setup where:
>
> based on a lookup of the RCPT address (most likely LDAP against MS Exchange)
> the MTA could *redirect* the SMTP communication to another SMTP server. So MX
> records for domain point to, say, server mx.headquarters.company.com which
> during the SMTP conversation tells (bounces) the calling MTA to another MTA at,
> say, mx.subsidiary.company.com which is located elsewhere in the world. Note I
> mentioned redirect, not route. This means the first MTA does not accept the
> message and route, but after RCPT phase redirects calling MTA to another MTA
> which accepts mail for domain company.com.
>
> The possibility of sub-domaining, which could have easily solved this problem,
> by having region1.company.com etc. like eu.company.com, us.company.com,
> ap.company.com point to MX records for specific region was rejected.
>
> Any ideas/thoughts/it's impossible...??
>
> PS
>

I don't know of any MTA that can do what you ask, directly. HOWEVER, I
don't think it is impossible. If I understand your need correctly, the
primary MTA for the company, which would be the one referred to by MX
record, would have the following feature:
(1) Accepts incoming SMTP session.
(2) If recipient is listed under a special, new category, then:
(3) Look up the MX you really want it delivered to
(4) Make an SMTP call to that MX
(5) Upon successful establishment of new SMTP session, begin echoing
everything, from the original caller to the new MX, and vice versa...

Essentially acting as a connection forwarder. If the secondary rejects
the message, then the primary rejects the message. If the secondary MX
accepts the message, the primary accepts the message and passes it
unchanged to the secondary, and so forth.

This is overly simplistic, I am sure, but am I in the right ballpark?
It is not classic SMTP forwarding, but more like a proxy service, right?

I am thinking along the lines of what Stunnel does, in terms of
connection forwarding. But not exactly that, either. Perhaps Stunnel
could be cannibalized for part of what you are asking for. Hmmm...

In fact, what I think you need is something new. A daemon that listens
on the SMTP port of the primary machine, but all it does is forward the
connection itself to the appropriate (local or remote) machine/port,
based on the intended recipient. It wouldn't have to do anything else,
although it could be used as a "frontline" defense, not bothering to
forward anything not intended for a known recipient (SMTP reject
"unknown recipient"). I suspect you could cannibalize existing open
source code to cobble something together.
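
The session logic for the forwarding daemon described in this message, as an added example that is not code from the thread or from Exim. It shows what the numbered steps leave implicit: commands before RCPT must be answered locally and replayed, a second recipient on a different server cannot share the forwarded connection, and body lines must never be parsed as commands. The class name, route table and reply texts are assumptions, and lines are assumed to arrive with CRLF already stripped.

```python
import re

# Constructed recipient -> server table; stands in for the LDAP lookup.
ROUTES = {
    "alice@company.com": "mx.headquarters.company.com",
    "bob@company.com": "mx.subsidiary.company.com",
}
RCPT_RE = re.compile(r"^RCPT TO:\s*<([^>]+)>", re.IGNORECASE)


class RcptRouter:
    """Hypothetical per-session logic for a recipient-based SMTP forwarder."""

    def __init__(self, routes):
        self.routes = routes
        self.backend = None   # chosen on the first accepted RCPT
        self.buffered = []    # commands seen before a backend is known
        self.in_data = False  # True while the message body is streaming

    def feed(self, line):
        """Return (action, payload) for one line from the calling MTA."""
        if self.in_data:
            # Body lines are never parsed as commands, even if they look
            # like "RCPT TO:"; a lone "." ends the body.
            self.in_data = line != "."
            return ("forward", [line])
        m = RCPT_RE.match(line)
        if m is None:
            if self.backend is None:
                if line.upper() == "DATA":
                    return ("reply", "503 5.5.1 RCPT first")
                # EHLO / MAIL FROM arrive before routing is possible:
                # answer locally, keep them for replay to the backend.
                self.buffered.append(line)
                return ("reply", "250 OK")
            # Simplification: a real daemon waits for the backend's 354.
            self.in_data = line.upper() == "DATA"
            return ("forward", [line])
        target = self.routes.get(m.group(1).lower())
        if target is None:
            return ("reply", "550 5.1.1 Unknown recipient")
        if self.backend is None:
            self.backend = target
            replay, self.buffered = self.buffered + [line], []
            return ("connect", (target, replay))
        if target != self.backend:
            # One connection can be forwarded to one server only; a 4xx
            # makes the sender retry this recipient in a new session.
            return ("reply", "452 4.5.3 Retry this recipient separately")
        return ("forward", [line])
```

On a `connect` action the daemon opens the backend session, replays the buffered commands while discarding the backend's replies to all but the last one, and from then on echoes traffic in both directions.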