Re: [exim] shunting off email from MX1+MX2 to third unpublis…

Top Page
Delete this message
Reply to this message
Author: Dennis Chang [C]
Date:  
To: Exim-users
Subject: Re: [exim] shunting off email from MX1+MX2 to third unpublished MX running Exim4 to filter just one user locally?
Thanks, Eugene-

I spoke with the Exchange admin and he took care of it. They were blocking all relaying except from specific IP addresses.

So your original suggestion works completely.

Here is my config file (Ubuntu 12/Debian ??) update-exim4.conf.conf for anyone else who runs into this situation:

dc_eximconfig_configtype='smarthost'

dc_other_hostnames='cmpr01 : domain.com'

dc_local_interfaces=''

dc_readhost=''

dc_relay_domains='domain.local'

dc_minimaldns='false'

dc_relay_nets=''

dc_smarthost='exchange1.domain.local'

CFILEMODE='644'

dc_use_split_config='true'

dc_hide_mailname='false'

dc_mailname_in_oh='true'

dc_localdelivery='maildir_home'



So far, it works in the test lab via telnet directly to the Exim4 server. I can drop a test message there addressed to help@??? and watch it get filtered and redelivered to the support@??? email address, provided I use the LOCAL, internal domain name of support@???<mailto:support@domain.local>. I had to add that address to the list of SMTP addresses for the Active Directory user-that was the only other change on the Exchange side to get this all working properly.

THANK YOU, again, Eugene. You proposed an easy fix for me, although there were a lot of head-scratcher moments due to unforeseen restrictions on the Exchange server.

There IS one more concern; based on the current setup, any emails accidentally arriving at the Exim4 server for ???@domain.com<mailto:???@domain.com> that are not addressed to help@???<mailto:help@domain.com> are rejected as "550 Unroutable address." But, this is never supposed to happen because the Ironport is supposed to only forward email to the Exim4 server that matches help@???<mailto:help@domain.com>.

I'll raise this as a separate question if it does turn out that this Exim4 server must be able to re-relay ALL other ???@domain.com<mailto:???@domain.com> emails to the Exchange server as a smarthost.

Dennis.

On 2013-05-09 21:01, Evgeniy Berdnikov wrote:
> On Wed, May 08, 2013 at 09:23:13PM +0000, Dennis Chang [C] wrote:
> > However, I may not be able to use the other trick you mentioned for redirecting mail to support@???<mailto:support@exchange.domain.com>. I am not sure why yet, but test emails sent from my workstation to the internal FQDN of the Exchange server don't work. (The Exim4 server is not even involved in this test.) So there may be something with the configuration of the Exchange servers (which I am not in charge of) that prevents me from going this route.


>
> You can easily test configuration of Exchange servers running SMTP session
> by hands, with telnet, something like this:
>
> ?0telnet exchange.domain.com
> 220 domain.com Microsoft ESMTP MAIL Service ready at...
> HELO somehost.domain.com
> 250 domain.com Hello [xxx.xxx.xxx.xxx]
> MAIL FROM: <>
> 250 2.1.0 Sender OK
> RCPT TO: <support@???>
> ...
>
> You should receive here the reply with 250 status-code if address is valid
> for the Exchange configuration and 4xx/5xx code if not.
> --
> Eugene Berdnikov
>
>

******************************************************************************************
This communication constitutes an electronic communication within the meaning of the Electronic Communications Privacy Act [18 USC 2510] and it is intended to be received and read only by certain individuals for their sole use and benefit. It may contain information that is privileged or protected from disclosure by law. If it has been misdirected, or if you suspect you have received this in error, please notify me by replying and then delete both the message and reply. Thank you.
***Consider the environment before printing.***
******************************************************************************************