[Exim] Need help configuring an Exim SMTP gateway

Author: William Bell
Date:  
To: exim-users
Subject: [Exim] Need help configuring an Exim SMTP gateway
Hi,
I need help configuring Exim 4.30 to be an SMTP mail gateway (or hub) for my
company. I'm new to Exim and most of my difficulty lies in the creation of
the proper runtime config file. Here's my LAN setup:

- My company has a registered external (internet) domain -- let's call it
'oldname.com' -- which has an MX record pointing to my new Exim server.
- In addition, a single subdomain is also defined in external DNS --
ncrypt.oldname.com -- and its MX record also points to this same Exim
server.
- All internet SMTP traffic to and from this domain and subdomain will be
handled by this Exim server.
- This Exim server is located in the DMZ of my company's internal network
(LAN).
- The origin and final destination of all email from/to this
domain/subdomain is an Exchange server located behind the firewall on the
LAN.
- The Exchange server is the "internal" SMTP relay for mail, but it's
hard-coded on all hosts (no MX record in internal DNS).
- The company's internal network (LAN) uses the same domain name --
oldname.com -- but all internal hosts refer to internal nameservers for DNS
information about internal servers. The internal servers don't know about
the external domain and vice versa.
- Any incoming encrypted mail will be addressed to the subdomain --
ncrypt.oldname.com -- and must pass thru the encryption/decryption server
behind the firewall.


Here's a quick representation:

          (Internal LAN)           ||         (DMZ)        ||
  all outgoing mail ====>          ||                      ||
 __________       _____________    ||    ______________    ||
| Exchange |---->|en/decryption|<--FW-->| Exim gateway |<--FW-->{Internet}
|----------|     |----|--------|   ||   |-------|------|   ||
      ^               |            ||           |          ||
      |---------------|------------||-----------|          ||
                 <==== incoming unencrypted mail

     FW = Firewall



Here's how the email should flow:
- All incoming mail destined for oldname.com must be received by the Exim
server and passed thru the firewall to the Exchange server.
- All incoming mail destined for ncrypt.oldname.com must be received by the
Exim server and passed thru the firewall to the decryption server first,
where it is decrypted and sent on to the Exchange server.
- All outgoing mail to the internet will originate at the Exchange server,
pass thru the encryption server (where it MAY be encrypted if it meets
certain parameters), and then on to the Exim server, where it will be
transferred to the appropriate SMTP server using a DNS lookup for the
destination domain's MX'er.
- Finally, any email generated locally on the Exim server (e.g. cron mail to
the root user) should be delivered to the local user's mailbox on the
server.

Can anyone provide me with a solid configuration example of how to handle
these four mail delivery cases?

I'd really love to get examples of an entire configuration file, if
possible. :) If not, then examples of drivers (Transports, Directors,
Routers, etc) with a description of their associated global settings would
be helpful.

I've been reading docs out the ass and searching Google like a madman, but
I'm not sure I've got the Exim lingo down yet. I plan to buyTFM and RTFM,
but I don't have time just now. This thing has to be in place by Tuesday!
:(

Any and all help is greatly appreciated.
Back to reading docs, lists, etc...
Cheers!
-Bill
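
The four delivery cases described in the message above, sketched as an Exim 4 runtime configuration fragment. This is an added example, not part of the original post or a reply from the list. The 192.0.2.x addresses are placeholders for the Exchange and en/decryption servers, and it assumes the en/decryption server is the only internal host that hands outbound mail to Exim, so the DMZ gateway relays for that host alone and is not an open relay.

```exim
# Added example, not from the original post. 192.0.2.x addresses are placeholders.
# Main section: which domains are local, which are relayed inward, who may relay outward.
domainlist local_domains    = @
domainlist relay_to_domains = oldname.com : ncrypt.oldname.com
# Assumption: only the en/decryption server (192.0.2.20) submits outbound mail.
hostlist   relay_from_hosts = 127.0.0.1 : 192.0.2.20
acl_smtp_rcpt = acl_check_rcpt

begin acl
acl_check_rcpt:
  # Outbound: accept any recipient, but only from the trusted internal host.
  accept  hosts   = +relay_from_hosts
  # Inbound from the internet: accept only recipients in our own domains.
  accept  domains = +local_domains : +relay_to_domains
  deny    message = relay not permitted

begin routers
# Incoming mail for ncrypt.oldname.com goes to the decryption server first.
to_decrypt:
  driver = manualroute
  domains = ncrypt.oldname.com
  transport = remote_smtp
  route_list = * 192.0.2.20
# Incoming mail for oldname.com goes straight to Exchange (placeholder 192.0.2.10).
to_exchange:
  driver = manualroute
  domains = oldname.com
  transport = remote_smtp
  route_list = * 192.0.2.10
# Outgoing mail: everything that is not local is routed by MX lookup.
dnslookup:
  driver = dnslookup
  domains = ! +local_domains
  transport = remote_smtp
  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
  no_more
# Mail generated on the gateway itself (e.g. cron mail to root).
localuser:
  driver = accept
  check_local_user
  transport = local_delivery

begin transports
remote_smtp:
  driver = smtp
local_delivery:
  driver = appendfile
  # Exim 4.30-era syntax; current releases need $local_part_data here.
  file = /var/mail/$local_part
```

Router order matters: the two manualroute routers must come before dnslookup, otherwise mail for oldname.com would be looked up in external DNS and routed back to the gateway itself.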