Author: W B Hacker Date: To: exim users Subject: Re: [exim] How do I force exim to dnslookup certain addresses?
Bruce A. Bergman wrote: > Hello group!
>
> Newbie exim admin here. I am very experienced with sendmail, but on
> my new server (Debian 6), I've decided to give exim4 a try. I've got
> it pretty well laid out, but with ONE small, tiny puzzle. Hence why
> I'm asking you! ;-)
>
> By way of explanation of what I want, here's my (fake) example:
>
> Server and domain that exim4 is running on: goofy.com Primary use:
> ecartis mailing list host. In /etc/aliases, I have all the valid
> ecartis mail aliases that can be accepted. For example:
> test-l@???, blah-l@???, etc.
>
> When I go to mail to test-l@??? (locally or remotely), I would
> like that address (basically any address in /etc/aliases) handled
> locally. In this case, piped to the ecartis executable. THIS WORKS.
>
> What doesn't work is that if I have any local (goofy.com) addresses
> in the mailing list (i.e., john@???), then when ecartis emails
> the mailing list message out, it tries to deliver john@???
> locally, but there is NO mailbox/user/address by that name. And so I
> get an "Unrouteable address" error sent back. All the other non-local
> users get their mailing list message just fine (as expected).
>
> After much trial and error, I give up. I THINK what I need is this
> chain of logic:
>
> If the incoming destination address exists in /etc/aliases, deliver
> it per the rules in that alias file. If it does NOT exist in that
> file, regardless of whether it is the local domain or not, do a
> dnslookup and deliver thusly. Using my example above, blah-l and
> test-l exist in /etc/aliases, so those should be handled as per the
> rules in that file. john@ is NOT in that file, even though it is part
> of the local domain, so I would like it to then dnslookup that
> address (where it will see that it is off-host) and deliver it
> there.
>
> How can I achieve this? Please let me know if this explanation isn't
> clear, or anyone would like more detailed information.
>
> Thanks!! bruce
>
>
CAVEAT: Ecartis is 'retired'. So am I.
That said, for some years I used a very different multiple-domain
Exim+Ecartis setup that doesn't need those aliases at all (posted to the
Ecartis lists many years ago).
For the 'vanilla' single-domain config, I suspect that the problem goes
away if you simply:
- remove all of the ecartis-specific addresses from the *system*
/etc/aliases file.
- create a NEW aliases file for Ecartis (only), and put them in there.
It need not be in /etc
So long as Exim has read privs, you can keep it in the Ecartis
workspace. Or in /var. Or anywhere you can give Exim read privs.
- Place an Exim router that reads that Ecartis-specific aliases file
AFTER your remote_smtp router. Might become your very last router.
Add a similarly bespoke transport if need be, ELSE copy and modify the
transport for the system aliases router.
CAVEAT: Does nothing about abuse of the list(s), nor does it prevent
backscatter abuse of Ecartis' bounces off a closed-post list, even if
Exim itself would not have been exploitable in that regard. Exim 'see's
Ecartis' output as a fresh smtp submission session each time.
Rather than resurrect fixes to THAT wheel, you might want to look at a
newer MLM that still has an active devel and user community. More
especially so if SPF, DKIM and sputniks are on your plate, as Ecartis
never had those.