Hi all,
I'm trying to set up a Debian box to receive email for a domain
(example.com), but send all the mail on directly to an Exchange server.
[Internet] --> [Debian box] --> [Exchange server]
The (only) MX record points to the Debian box. I've read everything I
can find about Debian's 'hubbed hosts' (and the thread 'EXIM and
Exchange 2007' from 2009 on this list) and it seems hubbed_hosts is the
right way to handle this; I'm using the split configuration, so I've
looked in 150_exim4-config_hubbed_hosts, I've entered the domain and the
address of the Exchange server in hubbed_hosts, I've run
'dpkg-reconfigure exim4-config' and mail is (sort of) flowing the way I
want it to... but some issues remain.
1. Using 'dpkg-reconfigure exim4-config') do I put example.com in as a
"recipient domain for which this machine should consider itself the
final destination" or instead as a "recipient domains for which this
system will relay mail"? The latter seems to work but is it the right
choice?
2. The default 150_exim4-config_hubbed_hosts router doesn't appear to
check the validity of the local_part, so when I first set things going I
ended up bouncing mail back from the Exchange box if it was addressed to
<nobody>@example.com. Bouncing messages back from the Exchange box
seems a Bad Idea, I'd rather not accept them on the Debian/Exim box at
all, so I've tweaked the 150_exim4-config_hubbed_hosts router to
include a local_parts check, as follows:
local_parts = "${if exists{CONFDIR/domains/$domain}\
{lsearch;CONFDIR/domains/$domain}\
fail}"
I then extracted all my valid email address from Exchange using an LDAP
query, stuck the local_parts in CONFDIR/domains/example.com, and now
exim should be able to check a valid user exists before accepting mail.
This sort of works - mail flows ONLY if the email address is valid (i.e.
the local part exists in CONFDIR/domains/example.com), if the email
address ISN'T valid then I get "451 Temporary local problem - please try
later" because "lowest numbered MX record points to local host:
example.com (while verifying <nobody@???>". In this situation I
basically expected Exim to say "Sorry, unknown user". Obviously I want
the Debian/Exim box to continue to receive email (and queue it) even if
the broadband link and/or Exchange itself go down, so I don't want Exim
to be trying to call out to the Exchange box to verify every address, do
I? Now that I have a local_parts check in the router should I simply
disable callouts for recipient verification?
I get the feeling I'm fighting this because I haven't quite 'got' the
way I'm supposed to be using 'hubbed_hosts'... am I missing something?
Thanks in advance...
James
