* on the Fri, Dec 22, 2006 at 05:37:22AM -0500, Grant Peel wrote:
> With some help, I have recently configured Exim to send mail on the
> interface it was recieved on (my servers have IPs for each domain
> on them). This seems to be working quite well.
>
> On glitch though, is when on of my users uses the Openwebmail system.
> It is configured to connect on 127.0.0.1, and of course, we cant sent
> mail out on that IP.
>
> I want to know if anyone has any hints as to how to get exim to
> recognize the domain of the user trying to send the mail, such that
> I can set the interface to the domains real interface.
>
> Here is a copy of the routers and transports for noirmal remote smtp
> client connections and Openwebmail connections.
>
> TIA. -Grant
<strip routers>
> begin transports
>
> remote_smtp_owm:
> driver = smtp
> return_path_add = true
>
> remote_smtp:
> # driver = smtp
> # return_path_add = true
> driver = smtp
> helo_data = ${lookup dnsdb{defer_never,ptr=$interface_address}{$value}{$primary_hostname}}
> interface = $interface_address
> return_path_add = true
> #debug_print = "XX T: remote_smtp for $local_part@$domain Sent VIA $interface_address XX"
First we need to figure out a logical way of calculating the outgoing
interface from the connection. You said the connection comes in on port
127.0.0.1. First thing to do is figure out what the domain name is. The
easy way of doing that is by checking the sender address domain, however
you need to be aware of the flaw in that, being that any user can set
any sender address. Once you've got the domain name, you need to figure
out what IP address to go out on. I'll assume here that the domain has
an A record pointing at the appropriate IP as you've not specified.
Untested:
remote_smtp_owm:
driver = smtp
helo_data = $sender_address_domain
interface = ${lookup dnsdb{a=$sender_address_domain}}
return_path_add = true
I'm unfamiliar with Openwebmail. If it is possible to set this up so
that you can add the relevant domain name, or interface address to a
header before passing on to the smtp server, that would make things
easier to secure.
Mike