Re: [exim] Proxy smtp connections to multiple Exim servers b…

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Fabio Martins
Data:  
Para: Sebastian Arcus
CC: exim-users
Asunto: Re: [exim] Proxy smtp connections to multiple Exim servers behind proxy
solution inline

On 2023-04-15 17:05, Sebastian Arcus via Exim-users wrote:
> On 15/04/2023 17:00, Fabio Martins wrote:
>> I believe you are trying to use the same IP address for the 3 exim
>> instances, otherwise the solution would be quite simple binding each
>> instance to the proper IP address. Right? Or do you have 3 different
>> public IP addresses?
>
> That's correct - there is only one IP address on the VPS/proxy - which
> needs to serve all the Exim servers behind
>


Ok, so solution will work.

>>
>> If you have only 1 public IP, does a solution forwarding to a
>> subdomain via system_aliases+dsearch+local_parts+cron job updating
>> user list, would satisfy?
>>
>> example:
>>
>> adam@??? -> adam@???
>> eve@??? -> eve@???
>> keyser@??? -> keyser@???
>> soze@??? -> soze@???
>> contact@??? -> contact@???
>
> I can't say that I am really following what you are trying to suggest -
> but I don't think having emails on subdomains would help with my
> problem
>
>


The subdomain trick is just a way to reach the right Exim box.

Cloud Box configuration:

box1 VPN IP: bind it to IP 172.20.10.1
box2 VPN IP: bind it to IP 172.20.10.2
box3 VPN IP: bind it to IP 172.20.10.3

VPN configuration for each client ( adjust IP addresses for your
configuration ):

Box1 will bind to port 25 on VPN IP 172.20.10.1
Box2 will bind to port 25 on VPN IP 172.20.10.2
Box3 will bind to port 25 on VPN IP 172.20.10.3

internal DNS configuration of cloud box ( unbound shall do the trick ):

internal.company1.com MX points to 172.20.10.1
internal.business2.com MX points tp 172.20.10.2
internal.designer3.com MX points to 172.20.10.3

--

Exim configuration of Cloud Box:

# mkdir /etc/exim/domainlistbusiness/
# echo 'adam: adam@???' >>
/etc/exim/domainlistbusiness/company1.com
# echo 'eve: eve@???' >>
/etc/exim/domainlistbusiness/company1.com
# echo 'keyser: keyser@???' >>
/etc/exim/domainlistbusiness/business2.com
# echo 'soze: soze@???' >>
/etc/exim/domainlistbusiness/designer3.com
# echo 'contact: contact@???' >>
/etc/exim/domainlistbusiness/designer3.com

# /etc/exim/exim4.conf ( or proper filename in your box ) (only relevant
lines):

domainlist local_domains =
company1.com:business2.com:designer3.com:internal.company1.com:internal.business2.com:internal.designer3.com

system_aliases:
driver = redirect
allow_fail
allow_defer
domains = dsearch,ret=full;//etc/exim/domainlistbusiness
local_parts = lsearch;$domain_data

data = ${lookup{$local_part}lsearch*@{${domain_data}}}
file_transport = address_file
pipe_transport = address_pipe

--

Exim configuration of VPN Exim Box1 from company1.com ( only relevant
lines ):

primary_hostname = company1.com
domainlist local_domains = company1.com:internal.company1.com

( other VPN boxes you can deduct from above )

--

This dirty / quick trick shall work ok, and its not a complicated setup.

--

Cheers.