On Wed, Dec 05, 2007 at 01:47:33PM -0600, Bob Goldberg wrote: > running debian etch w/ exim 4. > > I want to setup exim to receive internet email, and accept/relay ONLY emails > to a recipient listed in a text file, on to my exchange server. It will not > send any outbound email. I think I've figured out how to do this. more below. > > I've been having a heck of a time getting this to work. been trying to edit > config files, make my own router etc... > I'm thinking I shouldn't need to make my own router, just mod an existing > one, but not sure which to use for sure.... you're close. you can do this all with ACL's and then one simple router and one simple transport for everything. > (1) i'm dpkg-reconfig 'g and I'm being asked "should this machine consider > itself the final destination". > I'm not even 100% sure how to answer this stupid question. What EXACTLY IS > the final destination? "final destination" means that exim should take that mail and actually stick it in users mailboxes. > is my debian box the final destination even though it will relay all email > to an exchange server, and have NO "localhost" email boxes??? no [snipping poor frustrated Bob...] > So then, if I go to mod the exim.conf.template file - I have NO IDEA what to > do in here, because it references all kinds of variables I know nothing (or > next to) about! exim.conf.template is a template file that debian's exim uses to build a exim4.conf form on the fly. That's why there are all those wacky variables. They get expanded into other variables in an actual exim4.conf file (not really a file, I don't think, because it never really exists on the system) that exim reads at startup. I think. heh. I think you should stay away from dpkg-reconfigure for this one. Use the example file /usr/share/doc/exim4/examples/example.conf.gz, unzip it somewhere and look through it. here are the parts I think apply to your setup. sorry about the wrap ###################################################################### # MAIN CONFIGURATION SETTINGS # ###################################################################### # Specify your host's canonical name here. This should normally be the fully # qualified "official" name of your host. If this option is not set, the # uname() function is called to obtain the name. In many cases this does # the right thing and you need not set anything explicitly. primary_hostname = <name of your machine here: some.domain.com, or leave it blank and let it look up itself> # The next three settings create two lists of domains and one list of hosts. # These lists are referred to later in this configuration using the syntax # +local_domains, +relay_to_domains, and +relay_from_hosts, respectively. They # are all colon-separated lists: domainlist local_domains = <leave this blank, no local delivery> domainlist relay_to_domains = <in here put your domains: *.myco.com, that is, the ones you are recieving mail from> hostlist relay_from_hosts = <leave this blank, you're not relaying from any hosts> then scroll down to the acl's and look for accept local_parts = postmaster domains = +local_domains you're going to make one similar to it: accept local_parts = ${lookup{$local_part}lsearch{/path/to/recipient-file}} domains = +relay_to_domains That says, accept the message if the local_parts (parts before the @) are in the recipient-file AND the domain (part after the @) is in the variable relay_to_domains you set above. So to accept mail for bob@myco.com you need 'bob' in that file and relay_to_domains = myco.com : fooco.com : barco.com etc... then put in a big fat deny for everything else: deny message = relay not permitted You can probably delete most of the other ACL stuff, but the comments are good, so read them over. I would suggest you comment out the other accept ones. Note, I have *NOT* tested that local_parts expression above. I don't actually know if that works, but I think it does. You will need a simple flat text file with the local_parts of your recipients listed out. Make sure that exim4 can read it (chown root:Debian-exim should do it). That should take care of it on the acl side. Then you need a router and a transport. This gets tricky because I don't know what you need (if anything) to authenticate to the exchange server, but I'm going to assume its an unauthenticated smtp connection on your secure lan. begin routers # this router, the only router, sends all accepted mail to the # exchange_smtp transport exchange_router: driver = manual domains = * transport = exchange_smtp begin transports # this transport, the only transport, sends all routed mail to the # exchange server. exchange_smtp: driver = smtp hosts = <your exchange server's name or IP> This is heavily *NOT* tested, but maybe it helps you get going. > So - while I'm on my rant - what email server do SMART people run on debian > (what should I be using)? I'm told I'm smart and I run exim, but that's not necessarily a good indicator. ;-) A
Attachment:
signature.asc
Description: Digital signature