Exim version 4.89 #1 built 05-Oct-2017 13:48:15 (Linux Gentoo)
Problem: I have users either with weak passwords or whom give away their
passwords...
Result: Spammers have their "information" so can use my relay mail
server to send spam on my clients behalf to many other people. If it
bounces - then the client has a full mail box quite quickly. Worse - the
IP address of the machine gets blacklisted. This then affects many other
clients.
The machine is for Mail Submission - so it can have a common "inbound"
interface for my clients - and just needs a specific outbound IP address.
I have a fair number of IP addresses. I'd like to have a pool of
interfaces - each with their own IP address. My users details are all
stored in a database table so I could also add an IP address there, the
one that this particular client should use when my EXIM sends out their
e-mail. If that IP address becomes blacklisted - it would then affect a
much smaller percentage of my users. I could then have one IP address
per group of customers!
In exim.conf - I've used:
# Interfaces That Exim Listens on
local_interfaces = <; 127.0.0.1 ; ::1 ; \
192.111.222.1 ; 2001:1234:abcd:5678::1 ; \
192.111.222.2 ; 2001:1234:abcd:5678::2 ; \
192.111.222.3 ; 2001:1234:abcd:5678::3
(fake numbers)
I assume one could assign a particular IP address for outbound?
I already look the user up - e.g. on a different machine that receives
inbound e-mails:-
# quota = 30M
quota = ${lookup mysql {select mail_quota from user_table where
user='${local_part}@${domain}'}}M
...so guess I could fetch an IP address - or easier would be the last
part of an IP address...
In Transports - I have something like:-
begin transports
# This transport is used for delivering messages over SMTP connections.
remote_smtp:
driver = smtp
dnssec_request_domains = *
hosts_try_dane = *
return_path = ${address:$reply_address}
interface = <; 192.111.222.1 ; 2001:1234:abcd:5678::1
So could the "interface =" part be changed to receive the result of a
MySQL query?
Can I pop a value into a variable - and use that? - otherwise I'll be
doing two lookups, one for IPv4 and one for IPv6...
interface = <; 192.111.222.${lookup mysql {select mail_ip from
user_table where user='${local_part}@${domain}'}} ;
2001:1234:abcd:5678::${lookup mysql {select mail_ip from user_table
where user='${local_part}@${domain}'}}
Anyone done this before?
--
Mark James ELKINS - Posix Systems - (South) Africa
mje@??? Tel: +27.128070590 Cell: +27.826010496
For fast, reliable, low cost Internet in ZA: https://ftth.posix.co.za