Re: [exim] Proxy smtp connections to multiple Exim servers b…

Author: Sebastian Arcus
Date:  
To: Andrew C Aitchison
CC: Exim Users
Subject: Re: [exim] Proxy smtp connections to multiple Exim servers behind proxy
On 15/04/2023 18:44, Andrew C Aitchison wrote:
> On Sat, 15 Apr 2023, Sebastian Arcus via Exim-users wrote:
>
>> I have a number of Exim servers behind a NAT gateway (actually
>> connected with VPNs to a cloud VPS - but I'm hoping this is not
>> relevant to this post). I would like the gateway to send incoming port
>> 25 traffic to the correct Exim server based on SNI in incoming TLS
>> packets - as different Exim instances serve different email domains.
>> The setup would look like this:
>>
>>                      [Internet]
>>                          |
>>                          |
>>                    (smtp port 25)
>>                          |
>>                          v
>>                          |
>>                   [Cloud server]
>>                          |
>>                          v
>>                          |
>>       ----------------------------------------
>>       |                  |                   |
>>       |                  |                   |
>> [Exim server 1]    [Exim server 2]    [Exim server 3]
>>
>>
>> I would have preferred to do this at iptables level - but apparently
>> not really possible. It seems the next option would be HAProxy. Has
>> anyone here used HAProxy or run a setup as above, or know if this is
>> actually doable? Any suggestions much appreciated.
>
> Will the mail storage be on these machines running exim ?
> Don't forget about balancing dovecot, or whatever will make the mailboxes
> available to your users, too.

Each box behind the proxy/NAT has Exim and Dovecot on it - serving its
own domain and users separately from the other boxes.

>
> Since you have different domains, my first thought would just be to
> assign them different MXes with different IPs ...

This is the situation now. But managing a full set of internet
connections with fixed IP addresses and reverse DNS records is turning
into a major drag. Every time the internet connection on one of the
boxes has to change provider, it becomes a whole project managing the
migration, with downtime while the provider assigns a PTR record to the
connection. On occasion it has taken 2 weeks. This is why I would like
to have all boxes use one single public IP address and one PTR record
through the VPS / cloud server for SMTP purposes, with the VPS acting as
an SMTP proxy / gateway.
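The routing idea in the original question depends on the proxy being able to read the SNI host name out of the client's TLS ClientHello before choosing a backend. The following is an added illustration, not code from this thread, from Exim or from HAProxy: it generates a real ClientHello offline with Python's `ssl` module (using a memory BIO, so no network is touched), parses the SNI extension out of it, and maps the name to a backend with a constructed routing table. It also shows the caveat that matters for port 25: an SMTP session there starts in cleartext and TLS only begins after the STARTTLS command, so the first bytes a proxy sees from the client are an `EHLO` line with no SNI in them; the same bytes-first inspection does work for implicit-TLS ports such as 465. The host names, the `ROUTES` table and the backend addresses are invented for the example.

```python
"""Extract the TLS SNI host name from the first bytes a client sends,
and show why that fails on a STARTTLS port such as SMTP/25."""
import ssl
import struct

# Constructed routing table: SNI host name -> backend Exim box (private IPs invented).
ROUTES = {
    "mail.example.org": "10.8.0.11:25",
    "mail.example.net": "10.8.0.12:25",
    "mail.example.com": "10.8.0.13:25",
}

# Constructed sample: what a client sends first on port 25 (after the server's
# 220 banner). No TLS record, hence no SNI, until the client issues STARTTLS.
SMTP_CLEARTEXT_EHLO = b"EHLO client.example.test\r\n"


def build_client_hello(server_name: str) -> bytes:
    """Produce a genuine TLS ClientHello for server_name using a memory BIO.
    This is only how the example obtains sample input; it does not connect
    anywhere. The handshake stops as soon as OpenSSL needs the server's reply."""
    ctx = ssl.create_default_context()
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    tls = ctx.wrap_bio(incoming, outgoing, server_hostname=server_name)
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        pass  # ClientHello has been written to `outgoing`; nothing more to do
    return outgoing.read()


def extract_sni(data: bytes):
    """Return the SNI host name from a TLS record holding a ClientHello,
    or None if `data` does not start with one (cleartext SMTP, truncated
    or malformed input)."""
    try:
        if len(data) < 5 or data[0] != 0x16:          # 0x16 = handshake record
            return None
        rec_len = struct.unpack("!H", data[3:5])[0]
        body = data[5:5 + rec_len]
        if len(body) < 4 or body[0] != 0x01:          # 0x01 = ClientHello
            return None
        hs_len = int.from_bytes(body[1:4], "big")
        hs = body[4:4 + hs_len]
        pos = 2 + 32                                  # client_version + random
        sid_len = hs[pos]
        pos += 1 + sid_len                            # legacy_session_id
        cs_len = struct.unpack("!H", hs[pos:pos + 2])[0]
        pos += 2 + cs_len                             # cipher_suites
        comp_len = hs[pos]
        pos += 1 + comp_len                           # compression_methods
        if pos + 2 > len(hs):
            return None                               # no extensions at all
        ext_len = struct.unpack("!H", hs[pos:pos + 2])[0]
        pos += 2
        end = pos + ext_len
        while pos + 4 <= end:
            etype, elen = struct.unpack("!HH", hs[pos:pos + 4])
            pos += 4
            edata = hs[pos:pos + elen]
            pos += elen
            if etype == 0:                            # server_name extension
                p = 2                                 # skip ServerNameList length
                while p + 3 <= len(edata):
                    ntype = edata[p]
                    nlen = struct.unpack("!H", edata[p + 1:p + 3])[0]
                    p += 3
                    if ntype == 0:                    # host_name
                        return edata[p:p + nlen].decode("ascii")
                    p += nlen
        return None
    except (IndexError, struct.error, UnicodeDecodeError):
        return None


def choose_backend(first_bytes: bytes, routes=ROUTES):
    """Pick a backend from the client's first bytes; None means the proxy
    has no SNI to route on (the port-25 STARTTLS case) or an unknown name."""
    name = extract_sni(first_bytes)
    return routes.get(name) if name else None


if __name__ == "__main__":
    hello = build_client_hello("mail.example.org")
    print("implicit TLS:", extract_sni(hello), "->", choose_backend(hello))
    print("port 25 EHLO:", extract_sni(SMTP_CLEARTEXT_EHLO), "->",
          choose_backend(SMTP_CLEARTEXT_EHLO))
```

Run stand-alone, the first line routes the implicit-TLS connection to the `mail.example.org` backend, while the port-25 sample yields no SNI and therefore no backend: a proxy on port 25 would have to terminate or relay the SMTP dialogue itself up to STARTTLS before any SNI-based decision is possible.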