Re: [exim] Exim used as a filter - want some hosts to be del…

Inizio della pagina
Delete this message
Reply to this message
Autore: John Schmerold
Data:  
To: exim-users, John Schmerold
Oggetto: Re: [exim] Exim used as a filter - want some hosts to be delivered on alternative ports
For the record, I'm not faking traffic for Gmail - using that as a
fictional example.

I've resolved the issue by blocking port 25 on the mail server, but
whitelisting the Exim box's IP address so the mail server accepts port
25 from the Exim box.

On Jan 12, 2008 12:46 AM, Phil Pennock <exim-users@???> wrote:
> On 2008-01-11 at 22:38 -0600, John Schmerold wrote:
> > We use our exim install as a spam filter, it does a great job, however
> > some spammers have learned they can send their junk to mail.gmail.com
> > and it gets past the filter.
>
> Whose filter? Yours? If so, why not fix it?
>
> > In exim.conf, we have following lines in the router section:
> > internal:
> > driver = manualroute
> > domains = +relay_to_domains
> > transport = remote_smtp
> > route_data = ${lookup{$domain}partial-lsearch{/etc/exim/transport}}
> >
> > then we have a file /etc/exim/transport containing:
> > gmail.com: mail.gmail.com
> > google.com: mail.google.com
>
> There is no mail.gmail.com; are you faking DNS for a domain not under
> your administrative control? If so, why?
>
> > I want mail being delivered to gmail.com to go to port 2525, mail
> > going to google.com goes to port 25
> >
> > Please help &/or point me to documentation that would accomplish this.
>
> You can pass data from the Routers down to the Transport by setting
> address_data on the Router; this is then available in $address_data in
> the Transport.
>
> You could then have the file contain:
> master-key: key1=foo key2=bar
> and put the result of the master-key lookup in address_data and use
> ${extract...} to collect data from $address_data in the transport, eg
> port = ${extract{port}{$address_data}{$value}{25}}
>
> Then if you choose to add port=2525 to one of the lines, and only if you
> choose to do so, you can deliver to a non-standard port.
>
> But why are you faking up handling for Gmail traffic?
>
> -Phil
>