[exim] Magical manualroute processing

Top Page
Delete this message
Reply to this message
Author: Wayne Cuddy
Date:  
To: exim-users
Subject: [exim] Magical manualroute processing

I have multiple MTAs behind a firewall. I have EXIM 4.63 on a Debian
Linux system in a DMZ in front of the firewall. The firewall has
specific ports which are NAT'ed to internal MTAs for unique domains.

So if the firewalls interface is: 10.0.0.1 it will NAT connections like
so:

Relayed Domains        DMZ Interface    Internal MTAs
dom1.com        10.0.0.1:1025 => 11.0.0.1:25
dom2.com        10.0.0.1:1026 => 12.0.0.1:25


I'm using the manualroute router, called "smarthost", in conjunction
with a DBM file to map the relayed domains to the firewall ports. What I
have found is that messages destined for one domain get delivered via an
incorrect port to the wrong server, this usually winds up with a "relay
denied" result causing the message to dropped. Sometime messages don't
get delivered at all. I recently added a fake domain "eximfakedom.com"
to the route_data file pointing at a port that is not listening. EXIM
initially determines that the connection is refused, shortly thereafter
it states that the message is completed... how can this be? See the log
output below, I know for a fact nothing is listening on port 4000.

Does it have anything to do with the '*' character after the port on the
4th line? Also it seems that EXIM only keep retry information associated
with a hostname:IP address pair, is there any way to include the port
number?

2008-11-26 02:53:48 1L5AXA-0007nD-3l <= my@??? H=http-3.qs-va.orbcomm.net [10.203.5.26] P=smtp S=229
2008-11-26 02:53:48 1L5AXA-0007nD-3l 10.203.5.28 [10.203.5.28]:4000 Connection refused
2008-11-26 02:53:48 1L5AXA-0007nD-3l == testuser@??? R=smarthost T=remote_smtp defer (111): Connection refused
2008-11-26 02:53:48 1L5AXA-0007nD-3l => testuser@??? R=smarthost T=remote_smtp S=239 H=10.203.5.28 [10.203.5.28]:4000* DT=0s
2008-11-26 02:53:48 1L5AXA-0007nD-3l Completed

Any an all help is greatly appreciated!

Thanks,
Wayne