On 11/06/2011 16:00, Nigel Metheringham wrote:
> On 11 Jun 2011, at 10:18, exim@??? wrote:
>> Behaviour we are pursuing with Exim, only for a particular domain:
>>
>> Among all the domains that are served regularly, a given domain, and only that domain, needs to follow an internal messaging system policy, i.e.:
>>
>> - No emails can be sent to, nor received from, any other domains, hosted on the same server or elsewhere.
>> - Emails regarding that domain are accepted only if sent to, or received from, that particular domain itself.
> Personally for a 2 zone setup like this I would consider running 2 separate instances of exim on different IP addresses and with separate configuration and queues.
>
> However, in either a combined or a split out instances configuration, the way you probably want to do this is by making the routers conditional rather than applying additional filters, so
>
> # router for restricted domain - this domain can only send or be sent
> # to itself
> restricted_domain:
> driver = accept
> domains = restricted.doma.in
> senders = *@restricted.doma.in
> transport = local_restricted_delivery
>
> # router for other domains
> other_domains:
> driver = accept
> domains = doma1.in : doma2.in # but not restricted.doma.in
> senders = ! *@restricted.doma.in
> transport = local_normal_delivery
>
> and use the same conditions on the general send-elsewhere router
>
> Nigel.
> --
> [ Nigel Metheringham ------------------------------ nigel@??? ]
> [ Ellipsis Intangible Technologies ]
Sounds like a requirement to split "inside" from "outside".
We run public instances of exim called relay1... relay2... relay3 that
are all configured via a common (replicated) mysql database for the
external view. This allows us to do common stuff for several tens of
domains. Relays have a "next hop" (forward to) config item that causes
email to be forwarded to the internal host that implements teh local
email service.
Mike
