Re: [exim] Sending mail through "proxy based" content filter

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MChris Siebenmann at <-
MJeremy Harris at ->
Delete this message
Reply to this message
Author: Sebastian Nielsen
Date:  
To: Chris Siebenmann
CC: exim-users
Subject: Re: [exim] Sending mail through "proxy based" content filter
Now I get the following:

2017-11-17 21:04:18 1eFms6-0002c4-Hy <= sebastian@???
H=(DESKTOPA8GMOTG) [192.168.4.100] P=esmtpa A=plain_server:server
S=2731 id=01ea01d35fdf$3fd3d7b0$bf7b8710$@???
2017-11-17 21:04:18 1eFms6-0002c4-Hy remote host address is the local
host: gmail.com
2017-11-17 21:04:18 1eFms6-0002c4-Hy == nielsen.sebastian@???
R=pmx_smarthost defer (-1): remote host address is the local host
2017-11-17 21:04:18 1eFms6-0002c4-Hy Frozen 

I have put
        remote_pmx_smtp:
          debug_print = "T: remote_pmx_smtp for $local_part@$domain"
          driver = smtp
          port = 10025
          allow_localhost


as transport but it seems to freeze messages anyway.

2017-11-17 18:45 GMT+01:00 Chris Siebenmann <cks@???>:
>> How I accomplish sending mail through a "Proxy based" content filter?
>> I have only found configuration examples on how to route remote mail
>> to a "smarthost", but ALL mail should be routed through the Proxy
>> provided the mail is acceptable (either acceptable for relaying, or
>> acceptable for local delivery)
>>
>> What I want to do, is to have a mail host, where all mail, regardless
>> of if they are local-local, local-remote or remote-local, should be
>> delivered to 127.0.0.1:10025 Before that, any SPF or DKIM should be
>> verified, since the Proxy modifies mail, and any DKIM signatures will
>> get bougus of that.
>
> In general, you will want multiple routers. Very early on, perhaps
> as your first router, set one that forces all email that didn't arrive
> over the special return port off to the proxy, which will look something
> like this.
>
>         pmx_smarthost:
>           debug_print = "R: pmx_smarthost for $local_part@$domain"
>           cannot_route_message = Unknown user
>           condition = ${if !eq{$received_port}{10026}}
>           driver = manualroute
>           route_list = * PMX_PROXY_IP
>           transport = remote_pmx_smtp

>
> Then a transport for it:
>         remote_pmx_smtp:
>           debug_print = "T: remote_pmx_smtp for $local_part@$domain"
>           driver = smtp
>           port = 10025

>
> HOWEVER, this router design is incomplete as I've presented it,
> because you'll need to take steps to somehow stop being an open
> relay. In general you're going to need a collection of conditions on
> $received_port so you can tell external email (which you should not
> relay) from email that comes back from the proxy and email that was
> generated on the machine (or from localhost).
>
> (In general you're going to end up treating your routers as a little
> programming language that is mostly 'if's.)
>
> For SPF and DKIM verification, you'll want to make the ACL statement(s)
> that do this be conditional on $received_port being 25 and perhaps on
> the source IP not being localhost.
>
>         - cks

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Subject / Topic (T=) encoding in exim mainlogRe: [exim] Sending mail through "proxy based" content filter->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)