I am looking to use exim on a 'frontend' simply to hide the IP of the true backend mail servers. This exim configuration will server for multiple domains. Really what I am looking for is confirmation that the setup I have made will work.
I have installed and configured exim routers as follows
# Setup Static Configuration Route
static_route:
driver = manualroute
transport = remote_smtp
route_data = ${lookup{$domain}lsearch{/etc/staticroutes}}
The /etc/staticroutes file then looks like
domain1.com: x.x.x.x
domain2.com: x.x.x.x
So in theory any mail going to this mail server for example [email protected] will then be forwarded to the backend mail server to [email protected]. Will this work as I expect?
Look forward to hearing your responses.
Thanks in advance (And after ofcourse), Chris.
Your solution looks like it will work to me but is a little naive in the state of modern email handling. Specifically, without any recipient local part verification on the frontend server, your frontend server will be doing accept and forward for all local parts in domain1.com and domain2.com. This is a huge issue in modern mail handling and if you handle any volume of mail your exim server will start getting blacklisted due to bounce-back spam.
The proper way to do this (use a front end mail server) is to have some sort of verification set up. It might be an lsearched file containing valid local_parts for each domain. It might be an ldap query for each domain (for instance, to a back end Exchange server). It might be a mixture of solutions specific to each domain that you are being a middle man for. It could be call-forward SMTP verification. It doesn't really matter how, but you will end up regretting it both in time spent cleaning out your mail queues and time spent trying to clear your name with DNSBLs if you don't put some form of recipient local part verification on the frontend server.