From: Adam D. Barratt Date: Thu, 26 Sep 2019 17:04:12 +0000 (+0100) Subject: eximconf: add an alternative SMTP router for "single domain" domains X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=b6bfdeb507a772497a46fe533f43b372e686c63b;p=mirror%2Fdsa-puppet.git eximconf: add an alternative SMTP router for "single domain" domains These are domains that only allow a single recipient domain per SMTP connection, in order to allow simple differentiation of filtering options. Signed-off-by: Adam D. Barratt --- diff --git a/modules/exim/templates/eximconf.erb b/modules/exim/templates/eximconf.erb index 49ca251ca..9768f25fa 100644 --- a/modules/exim/templates/eximconf.erb +++ b/modules/exim/templates/eximconf.erb @@ -132,6 +132,9 @@ hostlist debianhosts = <; ; 127.0.0.1 ; ::1 ; /var/lib/misc/thishost/debianhosts hostlist reservedaddrs = 0.0.0.0/8 : 127.0.0.0/8 : 10.0.0.0/8 : 169.254.0.0/16 : 172.16.0.0/12 : 192.0.0.0/24 : 192.168.0.0/16 : 224.0.0.0/4 : 240.0.0.0/5 : 248.0.0.0/5 +domainlist google_mxen = aspmx.l.google.com : gmail-smtp-in.l.google.com +domainlist single_domain_mx = +google_mxen + <%- if @is_mailrelay -%> # Domains we relay for; that is domains that aren't considered local but we # accept mail for them. @@ -1057,7 +1060,10 @@ begin routers relay_manualroute: driver = manualroute domains = +mailhubdomains - transport = remote_smtp + transport = ${if forany{${lookup dnsdb{>: mxh=$domain}}}\ + {match_domain{$item}{+single_domain_mx}}\ + {remote_smtp_single_domain}{remote_smtp}\ + } route_data = ${lookup{$domain}lsearch{/etc/exim4/manualroute}} require_files = /etc/exim4/manualroute @@ -1100,7 +1106,10 @@ dnslookup: debug_print = "R: dnslookup for $local_part@$domain" driver = dnslookup domains = !+handled_domains - transport = remote_smtp + transport = ${if forany{${lookup dnsdb{>: mxh=$domain}}}\ + {match_domain{$item}{+single_domain_mx}}\ + {remote_smtp_single_domain}{remote_smtp}\ + } ignore_target_hosts = +reservedaddrs no_more @@ -1563,6 +1572,14 @@ remote_smtp: tls_certificate = /etc/exim4/ssl/thishost.crt tls_privatekey = /etc/exim4/ssl/thishost.key +remote_smtp_single_domain: + driver = smtp + connect_timeout = 15s + delay_after_cutoff = false + no_multi_domain + tls_certificate = /etc/exim4/ssl/thishost.crt + tls_privatekey = /etc/exim4/ssl/thishost.key + <%- if @use_smarthost -%> remote_smtp_smarthost: debug_print = "T: remote_smtp_smarthost for $local_part@$domain"