Mailing List Archive

routing logic based on sender and recipient
I am banging my head against the wall trying to solve a routing problem
with a different MTA, and I'm getting nowhere.

I know Exim is very configurable, but I've never actually used it. I'd
like to setup a test instance and try to achieve the desired routing
algorithm. This is for a QA site which is a copy of the production site,
with some exceptions: e.g., emails generated during testing must be
routed locally, as opposed to blasting the Internet with bogus messages.
There are some extra twists as well.

The mail server is receiving email from several QA machines via SMTP,
and then delivers it according to various rules.

The logic is this:

1. All emails with a sender @boringdomain.com will be routed to the
Internet as if this was a plain relay, no exceptions, no special rules.
Basically, I need to punch a clean relay hole through the system for
these senders. If there's no match here, go to next rule:

2. All emails with a recipient within a very short list
(jim@fancydomain.com, joe@fancydomain.com) are delivered locally, and
will typically be processed by various scripts specified in ~/.forward.
If there's no match here, then next:

3. All emails with the recipient @fancydomain.com are to be delivered
via SMTP to relay1.fancydomain.com. If no match here, then:

4. All other emails will be delivered locally (and then will bounce with
user not found, and sent to a local account which is the sender for
these emails, and will get caught by other scripts).

I have rules 2-4 already implemented in a different MTA software for a
long time now and everything works great, I just can't do sender-based
routing before recipient-based for the new rule #1.

Could someone sketch an Exim config example that would achieve the logic
described above? Thank you.

--
Florin Andrei
http://florin.myip.org/

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: routing logic based on sender and recipient [ In reply to ]
Florin Andrei wrote:
> The mail server is receiving email from several QA machines via
> SMTP, and then delivers it according to various rules.
>
> The logic is this:

[snip]

Exim processes mail in the order specified in the routers section,
most (if not all) of the rules below can be achieved by the ordering
of your routers.

>
> 1. All emails with a sender @boringdomain.com will be routed to the
> Internet as if this was a plain relay, no exceptions, no special
> rules. Basically, I need to punch a clean relay hole through the
> system for these senders. If there's no match here, go to next rule:

router_for_boringdomain:
driver = dnslookup
senders = *@boringdomain.com
transport = remote_smtp
no_more

> 2. All emails with a recipient within a very short list
> (jim@fancydomain.com, joe@fancydomain.com) are delivered locally,
> and will typically be processed by various scripts specified in
> ~/.forward. If there's no match here, then next:

router_for_dot_forwards_fancydomain:
driver = redirect
check_local_user
file = $home/.forward
file_transport = address_file
pipe_transport = address_pipe

you may want to include:

reply_transport = address_reply

> 3. All emails with the recipient @fancydomain.com are to be
> delivered via SMTP to relay1.fancydomain.com. If no match here,
> then:

router_for_fancydomain:
driver = manualroute
domains = fancydomain.com
route_list = * relay1.fancydomain.com

> 4. All other emails will be delivered locally (and then will bounce
> with user not found, and sent to a local account which is the sender
> for these emails, and will get caught by other scripts).

local_delivery:
driver = appendfile
group = mail

Regards

D.

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: routing logic based on sender and recipient [ In reply to ]
On 2013-07-23, Florin Andrei <florin@andrei.myip.org> wrote:
> I am banging my head against the wall trying to solve a routing problem
> with a different MTA, and I'm getting nowhere.
>
> I know Exim is very configurable, but I've never actually used it. I'd
> like to setup a test instance and try to achieve the desired routing
> algorithm. This is for a QA site which is a copy of the production site,
> with some exceptions: e.g., emails generated during testing must be
> routed locally, as opposed to blasting the Internet with bogus messages.
> There are some extra twists as well.
>
> The mail server is receiving email from several QA machines via SMTP,
> and then delivers it according to various rules.
>
> The logic is this:
>
> 1. All emails with a sender @boringdomain.com will be routed to the
> Internet as if this was a plain relay, no exceptions, no special rules.
> Basically, I need to punch a clean relay hole through the system for
> these senders. If there's no match here, go to next rule:
>
> 2. All emails with a recipient within a very short list
> (jim@fancydomain.com, joe@fancydomain.com) are delivered locally, and
> will typically be processed by various scripts specified in ~/.forward.
> If there's no match here, then next:
>
> 3. All emails with the recipient @fancydomain.com are to be delivered
> via SMTP to relay1.fancydomain.com. If no match here, then:
>
> 4. All other emails will be delivered locally (and then will bounce with
> user not found, and sent to a local account which is the sender for
> these emails, and will get caught by other scripts).
>
> I have rules 2-4 already implemented in a different MTA software for a
> long time now and everything works great, I just can't do sender-based
> routing before recipient-based for the new rule #1.
>
> Could someone sketch an Exim config example that would achieve the logic
> described above? Thank you.

Let me get this straight, do you want emails addressed to fancydomain.com
that are sent froim your LAN to be sent out onto the internet and not
processed like ones that arrive from outside?


This is _only_ a sketch.

put the routers in the order you described them, the first one to
succeed will claim the email.

# 1

dnslookup router
condition = ${if eqi {${domain:$sender}}{boringdomain.com}}
transport = remote_smtp

#2

use routers from the example config file
you may want to use a local_parts = condition in these routers if
you have user accounts in the exim server that you do not want to
accept mail for on this machine.

#3

manualroute router, smtp transport. see documentation

#4

is default behaviour - no code is needed


specify verify=recipient/callout=10s somwhere in the RCPT ACL chain seen
by inbound messages. (and not outbound) to avoid producing backscatter.

something like this in the rcpt ACL, probably in addition to other
checks that normally go there:

accept
# your LAN network here -
hosts = 10.0.0.0/8
# or omit that line if you want to allow any host to send:
conditon ${if eqi {${domain:$sender}}{boringdomain.com}}
verify = recipient

deny
# your LAN network here:
hosts = 10.0.0.0/8
# or omit that line if you want to allow any host to send:
conditon ${if eqi {${domain:$sender}}{boringdomain.com}}
message = unroutable address <$recipient>

deny
domains = fancydomain.com
!verify = recipient/callout=10s
message = mailbox <$recipient> does not exist

accept
domains = fancydomain.com

deny
message = this is not an open relay



--
⚂⚃ 100% natural

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: routing logic based on sender and recipient [ In reply to ]
Florin Andrei wrote:
> The mail server is receiving email from several QA machines via
> SMTP, and then delivers it according to various rules.
>
> The logic is this:

[snip]

Exim processes mail in the order specified in the routers section,
most (if not all) of the rules below can be achieved by the ordering
of your routers.

>
> 1. All emails with a sender @boringdomain.com will be routed to the
> Internet as if this was a plain relay, no exceptions, no special
> rules. Basically, I need to punch a clean relay hole through the
> system for these senders. If there's no match here, go to next rule:

router_for_boringdomain:
driver = dnslookup
senders = *@boringdomain.com
transport = remote_smtp
no_more

> 2. All emails with a recipient within a very short list
> (jim@fancydomain.com, joe@fancydomain.com) are delivered locally,
> and will typically be processed by various scripts specified in
> ~/.forward. If there's no match here, then next:

router_for_dot_forwards_fancydomain:
driver = redirect
check_local_user
file = $home/.forward
file_transport = address_file
pipe_transport = address_pipe

you may want to include:

reply_transport = address_reply

> 3. All emails with the recipient @fancydomain.com are to be
> delivered via SMTP to relay1.fancydomain.com. If no match here,
> then:

router_for_fancydomain:
driver = manualroute
domains = fancydomain.com
route_list = * relay1.fancydomain.com

> 4. All other emails will be delivered locally (and then will bounce
> with user not found, and sent to a local account which is the sender
> for these emails, and will get caught by other scripts).

local_delivery:
driver = appendfile
group = mail

Regards

D.

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: routing logic based on sender and recipient [ In reply to ]
On 07/24/2013 03:17 AM, Jasen Betts wrote:
>
> Let me get this straight, do you want emails addressed to fancydomain.com
> that are sent froim your LAN to be sent out onto the internet and not
> processed like ones that arrive from outside?

Nothing arrives from outside our network, but most messages are indeed
generated by other machines on the same network (so they are generated
"externally" to this relay). They are injected into the relay by some
Java code with very basic SMTP capabilities. This is a testing
environment, all messages are generated by software (and then dropped to
local delivery on the relay to a bunch of scripts).

Some @fancydomain.com emails (recipient) are to be delivered locally.

All other @fancydomain.com emails (recipient) are to be delivered to a
specific relay that we control.

All other destinations are to be delivered locally, will get bounced due
to unknown address, and the scripts catch the bounce (because the sender
is local).

Of course, *before* all these rules are applied, @boringdomain.com
*senders* are to be allowed relaying to wherever they want, no
restrictions, no special rules.

--
Florin Andrei
http://florin.myip.org/

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: routing logic based on sender and recipient [ In reply to ]
On 07/24/2013 03:23 AM, Drav Sloan wrote:
> Florin Andrei wrote:
>>
>> 2. All emails with a recipient within a very short list
>> (jim@fancydomain.com, joe@fancydomain.com) are delivered locally,
>> and will typically be processed by various scripts specified in
>> ~/.forward. If there's no match here, then next:
>
> router_for_dot_forwards_fancydomain:
> driver = redirect
> check_local_user
> file = $home/.forward
> file_transport = address_file
> pipe_transport = address_pipe

There are some recipients within @fancydomain.com that are local here,
yet I don't want them to be delivered locally (instead, they will get
caught by the next router and sent to a relay). So the locality
condition cannot be used solely to determine who these users are.

How do I specify a limited list of recipients @fancydomain.com to be
delivered locally? Let's say only jim@fancydomain.com and
joe@fancydomain.com are to be delivered locally, no matter what other
local users may be created here. All other @fancydomain.com users need
to go to next router.

--
Florin Andrei
http://florin.myip.org/

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: routing logic based on sender and recipient [ In reply to ]
On 25/07/13 19:22, Florin Andrei wrote:
> On 07/24/2013 03:23 AM, Drav Sloan wrote:
>> Florin Andrei wrote:
>>>
>>> 2. All emails with a recipient within a very short list
>>> (jim@fancydomain.com, joe@fancydomain.com) are delivered locally,
>>> and will typically be processed by various scripts specified in
>>> ~/.forward. If there's no match here, then next:
>>
>> router_for_dot_forwards_fancydomain:
>> driver = redirect
>> check_local_user
>> file = $home/.forward
>> file_transport = address_file
>> pipe_transport = address_pipe
>
> There are some recipients within @fancydomain.com that are local here,
> yet I don't want them to be delivered locally (instead, they will get
> caught by the next router and sent to a relay). So the locality
> condition cannot be used solely to determine who these users are.
>
> How do I specify a limited list of recipients @fancydomain.com to be
> delivered locally? Let's say only jim@fancydomain.com and
> joe@fancydomain.com are to be delivered locally, no matter what other
> local users may be created here. All other @fancydomain.com users need
> to go to next router.
>

Have a read through


http://exim.org/exim-html-current/doc/html/spec_html/ch-generic_options_for_routers.html

Specifically, the "local_parts" condition.

--
Cheers,
Jeremy



--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: routing logic based on sender and recipient [ In reply to ]
Thanks everyone, it works! :)

--
Florin Andrei
http://florin.myip.org/

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/