Re: [exim] Proxy smtp connections to multiple Exim servers b…

Author: Sebastian Arcus
Date:  
To: Fabio Martins
CC: exim-users
Subject: Re: [exim] Proxy smtp connections to multiple Exim servers behind proxy

On 15/04/2023 23:16, Fabio Martins wrote:
> solution inline
>
> On 2023-04-15 17:05, Sebastian Arcus via Exim-users wrote:
>> On 15/04/2023 17:00, Fabio Martins wrote:
>>> I believe you are trying to use the same IP address for the 3 exim
>>> instances, otherwise the solution would be quite simple binding each
>>> instance to the proper IP address. Right? Or do you have 3 different
>>> public IP addresses?
>>
>> That's correct - there is only one IP address on the VPS/proxy - which
>> needs to serve all the Exim servers behind
>>
>
> Ok, so solution will work.
>
>>>
>>> If you have only 1 public IP, does a solution forwarding to a
>>> subdomain via system_aliases+dsearch+local_parts+cron job updating
>>> user list, would satisfy?
>>>
>>> example:
>>>
>>> adam@??? -> adam@???
>>> eve@??? -> eve@???
>>> keyser@??? -> keyser@???
>>> soze@??? -> soze@???
>>> contact@??? -> contact@???
>>
>> I can't say that I am really following what you are trying to suggest
>> - but I don't think having emails on subdomains would help with my
>> problem
>>
>>
>
> The subdomain trick is just a way to reach the right Exim box.
>
> Cloud Box configuration:
>
> box1 VPN IP: bind it to IP 172.20.10.1
> box2 VPN IP: bind it to IP 172.20.10.2
> box3 VPN IP: bind it to IP 172.20.10.3
>
> VPN configuration for each client ( adjust IP addresses for your
> configuration ):
>
> Box1 will bind to port 25 on VPN IP 172.20.10.1
> Box2 will bind to port 25 on VPN IP 172.20.10.2
> Box3 will bind to port 25 on VPN IP 172.20.10.3
>
> internal DNS configuration of cloud box ( unbound shall do the trick ):
>
> internal.company1.com MX points to 172.20.10.1
> internal.business2.com MX points to 172.20.10.2
> internal.designer3.com MX points to 172.20.10.3
>
> --
>
> Exim configuration of Cloud Box:
>
> # mkdir /etc/exim/domainlistbusiness/
> # echo 'adam: adam@???' >> /etc/exim/domainlistbusiness/company1.com
> # echo 'eve: eve@???' >> /etc/exim/domainlistbusiness/company1.com
> # echo 'keyser: keyser@???' >> /etc/exim/domainlistbusiness/business2.com
> # echo 'soze: soze@???' >> /etc/exim/domainlistbusiness/designer3.com
> # echo 'contact: contact@???' >> /etc/exim/domainlistbusiness/designer3.com
>
> # /etc/exim/exim4.conf ( or proper filename in your box ) (only relevant
> lines):
>
> domainlist local_domains = company1.com:business2.com:designer3.com:internal.company1.com:internal.business2.com:internal.designer3.com
>
>
> system_aliases:
>   driver = redirect
>   allow_fail
>   allow_defer
>   domains = dsearch,ret=full;//etc/exim/domainlistbusiness
>   local_parts = lsearch;$domain_data
>
>   data = ${lookup{$local_part}lsearch*@{${domain_data}}}
>   file_transport = address_file
>   pipe_transport = address_pipe
>
> --
>
> Exim configuration of VPN Exim Box1 from company1.com ( only relevant
> lines ):
>
> primary_hostname = company1.com
> domainlist local_domains = company1.com:internal.company1.com
>
> ( other VPN boxes you can deduce from above )
>
> --
>
> This dirty / quick trick shall work ok, and it's not a complicated setup.


That still seems like quite a complex setup. I was thinking of just
using the Exim routers in the front end machine to choose the correct
back-end machine to forward the email to. Something like:

relay_to_compan1:
driver = manualroute
domains = company1.com
route_list = company1.com 192.168.100.10
transport = remote_relay_company1
host_find_failed = defer

relay_to_compan2:
driver = manualroute
domains = company2.com
route_list = company2.com 192.168.100.11
transport = remote_relay_company2
host_find_failed = defer

Wouldn't the above just work for incoming email?
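
Added example, not part of the original thread: the per-domain forwarding sketched above, generalised to one table-driven manualroute router, with the front end's relay domain list restricted to the hosted domains so it does not relay for anything else. The file path /etc/exim/backends, the router name and the transport name are assumptions; the domains and back-end addresses are the ones from the message above.

```exim
# --- main section ---
# Only these domains are accepted for forwarding. The stock acl_check_rcpt
# refuses relaying for recipients outside +local_domains : +relay_to_domains,
# so keep this list limited to the domains hosted on the back ends.
domainlist relay_to_domains = company1.com : company2.com

# --- routers section (place before any dnslookup router) ---
relay_to_backends:
  driver = manualroute
  domains = +relay_to_domains
  # /etc/exim/backends (assumed path), one "domain: host" line per back end:
  #   company1.com: 192.168.100.10
  #   company2.com: 192.168.100.11
  route_data = ${lookup{$domain}lsearch{/etc/exim/backends}}
  transport = relay_to_backend_smtp
  host_find_failed = defer

# --- transports section ---
# Assumed transport name; a plain smtp transport is enough because the
# router already supplies the back-end host.
relay_to_backend_smtp:
  driver = smtp
```

A domain listed in relay_to_domains but missing from the lookup file makes route_data expand to an empty string, so this router declines and the address falls through to the routers that follow it.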