[Exim] Hosting multiple domains with Exim - reposting entire…

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Willie Viljoen
Date:  
À: exim-users
Sujet: [Exim] Hosting multiple domains with Exim - reposting entire thread
This is a multi-part message in MIME format.
--
[ Picked text/plain from multipart/alternative ]
Sorry for the confusion. I mixed up a few mailing lists and things, I'm working from one inbox, this is an interum system. Here is the entire thread re-posted for reference.

Will


----- Original Message -----
From: "KARPATI Andras" <karpati@???>
To: "'Willie Viljoen'" <will@???>
Sent: Tuesday, November 11, 2003 12:25 PM
Subject: virtual domains


> Hi,
>
> I am not a big expert using exim...
>
> I have a server that uses Exim, and there is one problem that I can't
> solve even though I was trying to find the answers int he FAQ...
>
> On this server we have several domains. My problem is that I can't
> separate the domains. For example I have the domain zenevilag.net and
> tudas.com. Both should have an e-mail address like info@???
> and info@???. Right now, if someone sends an e-mail to the info@
> it all goes to the same place without separating them by its domains.
>
> What we would like to do, is to separate the domians deliver the
> info@??? and info@??? to different accounts...
>
> Can anyone suggest me a solution how to do this?
>
> Thank,
> Bandess
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.528 / Virus Database: 324 - Release Date: 2003.10.16.
>
>
>
>


----- Original Message -----
From: "KARPATI Andras" <karpati@???>
To: "'Willie Viljoen'" <will@???>
Sent: Tuesday, November 11, 2003 12:25 PM
Subject: virtual domains


> On this server we have several domains. My problem is that I can't
> separate the domains. For example I have the domain zenevilag.net and
> tudas.com. Both should have an e-mail address like info@???
> and info@???. Right now, if someone sends an e-mail to the info@
> it all goes to the same place without separating them by its domains.
>
> What we would like to do, is to separate the domians deliver the
> info@??? and info@??? to different accounts...
>
> Can anyone suggest me a solution how to do this?


This is a limitation in UNIX, not Exim, but it's not that hard to get
around. What you want to do is configure Exim to read seperate alias files
for each domain, and deliver to the different users. The example I will give
you here uses a simple, but effective solution. Some prefer using a database
to do these lookups, and that is more efficient, but might require
installation of RDBMS software, and rebuilding Exim. This can work right
away. It is a lot of work, but fairly easy to do. First off, you want to get
your domain lists right, especially if you are going to be hosting a number
of these domains.

The best way to do this is to have the domains listed in a line delimited
plain text file. Most systems have a directory for storing mail related
configuraiton files. For my examples I will use the BSD convention of using
/etc/mail. First, create a directory to hold virtual domain information, I
use /etc/mail/virtual. Now, put a file in this directory, I will call it
domainlist. In /etc/mail/virtual/domainlist, list your domains like this:

domain1.net
domain2.net
domain3.com

Now, you will want to include this in your Exim configuration. In the
primary configuration are, set up the domainlists to look like this:

domainlist    local_domains_virtual    = /etc/mail/virtual/domainlist
domainlist    local_domains               = yourdomain.com :
+local_domains_virtual


This configures Exim to always check that file to see if a domain is one of
your local domains, and to accept primeraly for yourdomain.com. This also
helps because there's no need to reload Exim after adding a domain. The
update to the file will be effective right away, making it easier if you
want to write scripts to add users automatically.

Now comes the fun part. What you want to do is add a router which checks the
+local_domains_virtual domainlist, and read seperate alias files (if they
exist) for a domain which matches this list. This router should look like
the one below, and should be place very high in your router list, after
virus scanning, smarthost, etc:

# This router redirects addresses in virtual domains to different local
users for later
# local delivery.

virtual_domain:
        driver = redirect
        allow_fail
        allow_defer
        domains = +local_domains_virtual
        data = ${lookup{$local_part}lsearch*{/etc/mail/virtual/$domain}}
        user = mailnull
        group = mail
        file_transport = address_file
        pipe_transport = address_pipe
        no_more


By now it should start to become obvious how we are going to route the
domain. The router is only tried if the domain is in the
+local_domains_virtual list. Then, the lookup is done inside a file
referenced as /etc/mail/virtuak/$domain. $domain is expanded to the domain
part of the recipient address. This means that for an e-mail sent to
johndoe@???, $domain expands to anonymous.com.

In the case of Mr. Doe. The search would look inside
/etc/mail/virtual/anonymous.com to find where to redirect his mail. Thus,
for each domain, you want to have a file in /etc/mail/virtual/ with the file
name corresponding to the domain.

It should also be noted that I have used the lsearch* lookup type above.
This allows for * to be expanded to match any local part in the file,
allowing for default addresses and the like. Here is a sample of the files
which I will call "domain alias files".

johndoe:    anon-john
janedoe:    anon-jane
peter:        anon-pete, peter@???


From here it should be clear that these files use a format similar to a
normal alias file (like /etc/aliases). Thus, mail for johndoe@???
would be delivered to the anon-john user on the server. The same for Jane
Doe. Mail for peter@??? will be delivered to the anon-pete user,
and his other address peter@???. This provides a simple and easy to
configure way to host multiple domains.

The only thing that might annoy you is that you will have to give your users
usernames like anon-john. This can be worked around in several ways. The
easiest way I have found (for users that only check POP3 mailboxes that is)
is provided by the Solid POP3D (also known as spop3d) daemon. Several other
POP3 servers might do the same thing, but I have found spop3d the easiest to
set up.

Firstly, for this method to work, you will have to change the format of your
domain alias files, removing all white spaces. Also, you will only be able
to list one local user. No local or remote aliases, thus:

johndoe:anon-john
janedoe:anon-jane
peter:anon-pete

Once this is all set up, you can set up your spop3d.conf to look like this:

<Global>
        AllowNonIP      true
</Global>


<VirtualHost yourdomain.com>
        MailDropName    /var/mail/%s
        MailDropType    mailbox
        DoMapping       false
</VirtualHost>


<VirtualHost anonymous.com>
        MailDropName    /var/mail/%m
        MailDropType    mailbox
        UserMapFile     /etc/mail/virtual/anonymous.com
        DoMapping       true
</VirtualHost>


<VirtualHost customer2.com>
        MailDropName    /var/mail/%m
        MailDropType    mailbox
        UserMapFile     /etc/mail/virtual/customer2.com
        DoMapping       true
</VirtualHost>


Note, the first setting is for your own domain, but should never really be
used by clients. It should be there anyway though. With these settings, when
a user logs in as username, or username@???, mail for username is
checked on your server. When a user logs in with username@???,
things happen abit differently. Users are then mapped from information in
the domain alias files. In the case of a user loggin in with username
johndoe@???, mapping in /etc/mail/virtual/anonymous.com would
point johndoe to anon-john. The daemon then checks mail for the anon-john
system user and delivers it to the client.

It should now become obvious that with this setup, a user loggin in as
anon-john and john@??? will produce the same effect.

If you have some extra IP addresses available, you can also go for a more
sophisticated configuration. I use private IPs here. You will probably need
routable IP addresses, unless all customers are in your LAN. Here is a
sample spop3d.conf:

<Global>
        AllowNonIP      true
</Global>


<VirtualHost 10.0.0.37 yourdomain.com>
        MailDropName    /var/mail/%s
        MailDropType    mailbox
        DoMapping       false
</VirtualHost>


<VirtualHost 10.0.0.44 anonymous.com>
        MailDropName    /var/mail/%m
        MailDropType    mailbox
        UserMapFile     /etc/mail/virtual/anonymous.com
        DoMapping       true
</VirtualHost>


<VirtualHost 10.0.0.45 example.com>
        MailDropName    /var/mail/%m
        MailDropType    mailbox
        UserMapFile     /etc/mail/virtual/example.com
        DoMapping       true
</VirtualHost>


In this case, the first virtualhost is still your domain, but it WILL be
used. Note that the server users check for your domain should correspond to
the IP address in this virtualhost line. For your domain, things are
straight forward. Clients connect to 10.0.0.37, and log in with username.
The mail for username on your system is checked and delivered. Simple.

For the virtual domains, it is just as simple, but slightly different. A
client connects to 10.0.0.44 and logs in with username johndoe. The spop3d
server now checks its configuration file and maps 10.0.0.44 to be the POP3
server address for anonymous.com. It checks the anonymous.com domain alias
file and maps johndoe to anon-john, and delivers the anon-john mail to the
client.

Thus, in this more complex, one IP address per domain setup. A login to
10.0.0.34 with username anon-john and a login to 10.0.0.44 with username
johndoe would create the same effect.

This could be very handy for doing something like this. I use DNS zone file
format as an example, you would need to do this properly on DNS servers in
the real world, with real addresses:

pop3.yourdomain.com.    IN A    10.0.0.34
pop3.anonymous.com.     IN A    10.0.0.44
pop3.noname.com.          IN A    10.0.0.45


I hope all of this helps.

Will

--