Deutsch English
Jump to
Legal Notice
Your feedback:
Did you like this page? vote3 Yes
vote2 Partly
vote1 No
Your comment?

Add your email address, if you want to get a response

Your name, if you like

Do not change this:
Feedback
Search

Use Exim With Multiple Smarthosts

This page explains how to configure the mailserver Exim (tested with version 4.5) to deliver mails from some sender-addresses over designated smarthosts. This might be interesting if you deliver mails for customers of several freemailers, don't want to deliver the mails directly and don't have a smarthost that accepts mails with arbitrary sender-addresses.
Additionally it is explained how to assign destination-addresses to local user-names in order to deliver mails to this addresses directly to the assigned user.
Finally some convenient Exim options are listed.
05-10-2005 15.05
FIXME /etc/exim4.conf

Abstract

Exim is normally configured with the file /etc/exim/exim.conf. All examples on this page refer to this file.
Additionally I have created a file /etc/exim/smtp_users. In this file each line lists an email-address with some informations about this address:
userx@example.com:   user=usera   smart_host=mail.example.com   auth_name=u113   auth_pass=secret
  • A user called usera has somewhere the email-address userx@example.com.
  • Mails to userx@example.com are no longer delivered to this address but directly to the local user usera.
  • Mails from userx@example.com are delivered over the smarthost mail.example.com with the user-name u113 and the password secret (cram_md5 encrypted).
userx@example.com:                smart_host=mail.example.com   auth_name=u113   auth_pass=secret
  • Now mails to userx@example.com are really delivered to this address.
userx@example.com:   user=usera   smart_host=mail.example.com   auth_plain=^u113^secret
  • Now we don't use cram_md5 to encrypt the password but send the it plain-text.
userx@example.com:   user=usera
  • Here we don't use a smarthost but deliver the mails directly to the destination mailserver.
Please note that all names and addresses in the examples are fictitious and any similarity to actual names or addresses is unintentional.
12-10-2005 02.11

Define Smarthost

  1. The simplest variation is to deliver mails directly. The achieve this write this entry in your "ROUTERS CONFIGURATION" section:
    # direct delivery
    smarthost_directly:
      debug_print = "R: dnslookup for $local_part@$domain"
      driver = dnslookup
      domains = ! +local_domains
      transport = remote_smtp
      #same_domain_copy_routing = yes
      #ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 : 172.16.0.0/12 : 10.0.0.0/8 : 169.254.0.0/16
      no_more
  2. Alternative you may define a smarthost that delivers all your mail. If your provider's smarthost is called mail.example.com use this entry:
    FIXME
    smarthost:
       driver = domainlist
       transport = remote_smtp
       route_list = "* mail.example.com bydns_a"
  3. Some smarthosts only accept their own addresses. This is how you distribute your mails to different smarthosts according to their sender-domain:
    FIXME
    smarthost_alpha:
       condition = ${if eq {${lc:$sender_address_domain}} {example.com} {true} fail }
       driver = domainlist
       transport = remote_smtp
       route_list = "* mail.example.com bydns_a"

    smarthost_beta:
       condition = ${if eq {${lc:$sender_address_domain}} {example.org} {true} fail }
       driver = domainlist
       transport = remote_smtp
       route_list = "* smtp.example.org bydns_a"

    ...
  4. You may even have a different smarthosts for each sender-address:
    FIXME
    smarthost_alpha:
       condition = ${if eq {${lc:$sender_address}} {usera@example.com} {true} fail }
       driver = domainlist
       transport = remote_smtp
       route_list = "* mail.example.com bydns_a"

    smarthost_beta:
       condition = ${if eq {${lc:$sender_address}} {userb@example.com} {true} fail }
       driver = domainlist
       transport = remote_smtp
       route_list = "* mail.example.com bydns_a"

    ...
  5. If you use the configuration file I presented at the beginning of this page use this to let exim automatically decide if and which smarthost to use:
    smarthost_auto:
       condition = ${extract{smart_host}{${lookup{$sender_address}lsearch{/etc/exim/smtp_users}{$value}fail}}}
       driver = manualroute
       domains = ! +local_domains
       route_list = "* ${extract{smart_host}{${lookup{$sender_address}lsearch{/etc/exim/smtp_users}{$value}fail}}} bydns_a"
       transport = remote_smtp
    # direct delivery
    smarthost_directly:
      debug_print = "R: dnslookup for $local_part@$domain"
      driver = dnslookup
      domains = ! +local_domains
      transport = remote_smtp
      #same_domain_copy_routing = yes
      #ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 : 172.16.0.0/12 : 10.0.0.0/8 : 169.254.0.0/16
      no_more
05-10-2005 19.51

Address Rewriting

  • The following entry delivers all mails to somemachinename@example.com to server@example.com:
    *@*.example.com      $1@server.example.com    T
  • Users of my configuration file may use this entry to deliver mails to users instead of the users public email-address if you have a matching line in the configuration file:
    *@* "${extract{user} {${lookup{$0}lsearch{/etc/exim/smtp_users}{$value}fail}} {$value} fail}@localhost" T
06-08-2005 13.09

Authentication

  • Enable authentication for hosts host1.example.com, host2.example.net and host3.example.org (you have to list all smarthosts where Exim may authenticate users):
    remote_smtp:
      debug_print     = "T: remote_smtp for $local_part@$domain"
      driver = smtp
      hosts_try_auth  = host1.example.com:host2.example.net:host3.example.org
  • SMTP-Auth with the name "usera" and the password "secrect" (cram_md5 encrypted):
    cram_md5:
         driver = cram_md5
         public_name = CRAM-MD5
         client_name = usera
         client_secret = secrect
  • SMTP-Auth with the name "usera" and the password "secrect" (plaintext):
    plain:
         driver = plaintext
         public_name = PLAIN
         client_send = ^usera^secrect
  • Or get name, password and send method automatically from my config-file:
    cram_md5:
         driver = cram_md5
         public_name = CRAM-MD5
         client_name = "${extract{auth_name}{${lookup{$sender_address}lsearch{/etc/exim/smtp_users}{$value}fail}}}"
         client_secret = "${extract{auth_pass}{${lookup{$sender_address}lsearch{/etc/exim/smtp_users}{$value}fail}}}"
    plain:
         driver = plaintext
         public_name = PLAIN
         client_send = "${extract{auth_plain}{${lookup{$sender_address}lsearch{/etc/exim/smtp_users}{$value}fail}}}"
05-10-2005 18.16

Convenient Options

Beside the options concerning the smarthosts there are several other options you might be interested in:
  • ###
    # MAIN CONFIGURATION SETTINGS
    ###
  • Only accept mails where all headers's syntax is error-free. (beware: OE and Bcc recipients):
    FIXME (gibts nicht mehr?)
    headers_check_syntax
  • Only accept SMTP connections from localhost. This might suffice if you receive your mails with POP3:
    hostlist relay_from_hosts = 127.0.0.1 : ::::1
    ...
    begin acl
    ...
    accept hosts = +relay_from_hosts
  • Additionally accept mails from 10.0.* addresses:
    hostlist relay_from_hosts = 127.0.0.1 : ::::1 : 10.0.0.0/16
    ...
    begin acl
    ...
    accept hosts = +relay_from_hosts
  • Allow some trusted users to change their sender-address:
    trusted_users = mail:user1:user2
  • Always send a copy of error-message-mails to the postmaster:
    freeze_tell_mailmaster
    errors_copy = "*@*  postmaster"
  • If you don't use this option some mailing-list software might reveal all Bcc recipients:
    FIXME (gibts nicht mehr?)
    always_bcc
  • Store mail that have to be sent to remote hosts and sent them only if requested to do so.
    #queue_smtp_domains = ! +local_domains
    queue_domains = ! +local_domains
  • ###
    # TRANSPORTS CONFIGURATION
    ###
  • Deliver mails to /home/user/Maildir/ instead of /var/spool/mail/user:
    FIXME: Nachsehen was mit den Optionen ist die es bei Neu nicht gibt
    local_delivery:
      driver = appendfile
      create_directory = true
      directory_mode = 700
      group = mail
      mode = 0660
      mode_fail_narrower = false
      envelope_to_add = true
      #file = /var/spool/mail/${local_part}
      directory = ${home}/Maildir/
      maildir_format
    Neu:
     transport = maildir_home
     ...

    maildir_home:
      debug_print = "T: maildir_home for $local_part@$domain"
      driver = appendfile
      directory = $home/Maildir
      delivery_date_add
      envelope_to_add
      return_path_add
      maildir_format
      mode = 0600
      mode_fail_narrower = false
  • ###
    # REWRITE CONFIGURATION
    ###
  • Rewrite address abc@example.com to address def@example.net:
    abc@example.com  def@example.net  FLAG
    You can select with FLAG which headers will be rewritten:
    E All envelope, F all envelope From, T all envelope To, b Bcc:, c Cc:, f From:, h all headers, r Reply-To:, s Sender:, t To:
12-10-2005 02.11

Examples

An example for each file mentioned here:
The file permissions must allow exim to read the files. Otherwise smtp_users should be protected from other users. Depending on your configuration it might look like this: 
-rw-r-----  1  root  mail  ...  smtp_users
06-08-2005 13.09

Links

06-08-2005 13.09
Powered by PHP Created with Xemacs Valid XHTML 1.0! Valid CSS!