On 2008-01-12 at 09:49 -0600, John Schmerold wrote:
> It seems, I'm not being clear, what I'm looking for is functionality
> similar to that provided by Postfix's transport file as documented
> here:
> http://www.postfix.org/transport.5.html
>
> The example I am looking to duplicate is:
> In the case of delivery via SMTP, one may specify host-
> name:service instead of just a host:
>
> example.com smtp:bar.example:2025
>
> Is this available in Exim?
Yes. I provided in my original reply an explanation of how to do this
in the Exim way, which would have the config file read:
example.com: host=bar.example port=2025
For example, my laptop has a file named "smarthosts" in which I, uhm,
will obfuscate (!) the gmail email address used:
----------------------------8< cut here >8------------------------------
gmail.com: host=smtp.gmail.com submission=yes tls=yes user=no@???
googlemail.com: host=smtp.gmail.com submission=yes tls=yes user=no@???
*: host=redoubt.spodhuis.org submission=yes tls=yes
----------------------------8< cut here >8------------------------------
Driver and Transport are below; prerequisites are macros defining
RUNCONFDIR (a directory) and MYHELO_TO_SMARTHOST (a default) together
with domainlist local_domains (standard config) and a hostlist
special_ipv4_bad which are those that I never want to try do deliver to
(RFC 3330 stuff).
These are a little more complex than you asked for, which is why I just
told you how to do things before.
In fact, since I'm posting all this I might as well include one of the
authenticators to actually use the "user=" field; I have a couple of
authenticators, not just the PLAIN one, but the PLAIN one shows off the
"client_condition" feature introduced in Exim 4.68, used to protect against
leaking passwords over cleartext channels. This adds the macro
dependency RUNAUTHDIR (defining a directory) which has the file
"user-passwords" used by Exim as a server and "client-passwords" used by
Exim as a client. Client-passwords contains data of the form:
----------------------------8< cut here >8------------------------------
spodhuis.org user=laptop1 password=gobbledygook
no@??? password=my_sekret_passw0rd
----------------------------8< cut here >8------------------------------
# after "begin routers":
smarthost:
driver = manualroute
domains = ! +local_domains
transport = smarthost_smtp
ignore_target_hosts = +special_ipv4_bad
route_data = ${extract{host}{${lookup{$domain}partial()lsearch*{RUNCONFDIR/smarthosts}}}}
address_data = ${lookup{$domain}partial()lsearch*{RUNCONFDIR/smarthosts}}
same_domain_copy_routing
no_verify
no_more
# after "begin transports":
smarthost_smtp:
driver = smtp
port = ${extract{port}{$address_data}{$value}{\
${extract{submission}{$address_data}{587}{25}}\
}}
hosts_require_tls = ${extract{tls}{$address_data}{*}{+tls_required_to}}
hosts_require_auth = ${extract{user}{$address_data}{*}{+authenticate_required_to}}
helo_data = ${extract{helo}{$address_data}{$value}{MYHELO_TO_SMARTHOST}}
# after "begin authenticators":
auth_plain:
driver = plaintext
public_name = PLAIN
server_advertise_condition = ${if def:tls_cipher}
server_prompts = :
server_condition = ${lookup{$2}lsearch{RUNAUTHDIR/user-passwords}\
{${if eq{$value}{$3}{yes}{no}}}{no}}
server_set_id = ${quote:$2}
client_condition = ${if def:tls_cipher}
client_send = ^${extract{user}{$address_data}{$value}{\
${extract{user}{${lookup{$host}partial()lsearch{RUNAUTHDIR/client-passwords}}}{$value}fail}}}\
^${extract{password}{${lookup{\
${extract{user}{$address_data}{$value}{$host}}\
}partial()lsearch{RUNAUTHDIR/client-passwords}}}{$value}fail}
# -Phil
