How to get userbased smarthost running

arno

New member
Joined
Jan 16, 2018
Messages
2
Dear Community,

I need to have a few da users sent their email not over the general smarthost but over different mail gateway.

can we do this based on virtual domain?

situation:
external mailfilter sends mail to server for virtual domains
External mailfilter is also smarthost for virtual domains

this 2 specific virtual domains need to accept (authenticated) relay directly from user@virtualdomain and send the mail over different smarthost out..

a part of the config I have now, but i'm missing something, since it's not working as expected..

domainlist mx_domains = xyz.com:abc.com

# This router routes to remote hosts over SMTP using a DNS lookup. Any domain
# that resolves to an IP address on the loopback interface (127.0.0.0/8) is
# treated as if it had no DNS entry.
mx_email:
driver = manualroute
domains = ! +mx_domains
ignore_target_hosts = 127.0.0.0/8
condition = "${perl{check_limits}}"
transport = auth_relay
route_list = * vps.aisp.email::587
# no_more
 
Hello,

In general, yes, it's possible. What is wrong with your solution?

It seems not to work and since exim is not my speciality I was wondering why it's not working..
I'm afraid I'll have to try again and greb some logging.
 
You posted code lines, which seem to be working fine if to put them into a correct place (I did not test them). We don't know how and where you added it, we don't know what error you got with it. And I even not sure whether or not you changed domain names to your real ones. So please do test the code and describe all the details:

- what you did?
- what you got?
 
I have this working over here.
Edit the following 3 files:

/etc/exim.routers.pre.conf
Code:
mail_relay:
   driver = manualroute
   domains = ! +local_domains
   senders = *@[set you local sending domain here]
   ignore_target_hosts = 127.0.0.0/8
   condition = "${perl{check_limits}}"
   route_list = !+local_domains [define your smarthost]
   transport = auth_relay

/etc/exim.transports.pre.conf
Code:
auth_relay:
  driver = smtp
  port = 587
  hosts_require_auth = <; $host_address
  hosts_require_tls = <; $host_address

If you need authentication edit the following file and add the below content and customize it /etc/exim.authenticators.post.conf
Code:
auth_login:
  driver = plaintext
  public_name = LOGIN
  client_send = : [user@host] : [password]
  server_set_id = $1

Keep in mind that you might not need authentication. and that some parts are specific for my own environment.
I've used the info from https://www.transip.eu/knowledgebase/entry/343-using-mail-service-with-directadmin/ as a base for my changes.
 
Does a config option exist in DA for the admin to set smarthost(s per package) (using e.g. mailchnnls)?
Is there an option for the admin to set a distinct smarthost up for each individual customer differently (e.g. as per client order)?
Is there an option for the client to setup their own smarthost/relay in their client DA interface?
 
Does a config option exist in DA for the admin to set smarthost(s per package) (using e.g. mailchnnls)?
Is there an option for the admin to set a distinct smarthost up for each individual customer differently (e.g. as per client order)?
Is there an option for the client to setup their own smarthost/relay in their client DA interface?

It does this really well by using includes that don't exist by default, but are used when you add them. Check out how I do it here:


In my case filtergroup.mxroute.com has the server IP whitelisted, so no auth is necessary. However, take a look at MailChannels guide as they do use auth: https://mailchannels.zendesk.com/hc/en-us/articles/214952906-Setting-up-for-DirectAdmin

If you want to exclude domains from a router, look in my example at exim.routers.pre.conf and find this:

domains = ! +local_domains

Then add this on the line below it:

senders = !*@domaintoexclude.tld : !*@otherdomaintoexclude.tld

And so on, using : as the separator.

If you instead wanted to go in the opposite direction and only send emails from certain domains through that router, just do that senders line above a little differently like this:

senders = *@domaintoinclude.com : *@otherdomaintoinclude.com

So you see that ! means don't, and a lack of it means do. Basically. You can read some more on the manualroute router, which is actually not a difficult read, here: https://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_manualroute_router.html

In theory, I think you could have exim include a domain list in a file, and you could write domains to that file based on your own algorithm in a hook script: https://docs.directadmin.com/developer/hooks/hooks

So maybe they add a domain and your script checks their package, determines if it places domain in a list used by exim for that router.
 
Last edited:
  • Like
Reactions: ai8
It does this really well by using includes that don't exist by default, but are used when you add them. Check out how I do it here:


In my case filtergroup.mxroute.com has the server IP whitelisted, so no auth is necessary. However, take a look at MailChannels guide as they do use auth: https://mailchannels.zendesk.com/hc/en-us/articles/214952906-Setting-up-for-DirectAdmin

If you want to exclude domains from a router, look in my example at exim.routers.pre.conf and find this:



Then add this on the line below it:



And so on, using : as the separator.

If you instead wanted to go in the opposite direction and only send emails from certain domains through that router, just do that senders line above a little differently like this:



So you see that ! means don't, and a lack of it means do. Basically. You can read some more on the manualroute router, which is actually not a difficult read, here: https://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_manualroute_router.html

In theory, I think you could have exim include a domain list in a file, and you could write domains to that file based on your own algorithm in a hook script: https://docs.directadmin.com/developer/hooks/hooks

So maybe they add a domain and your script checks their package, determines if it places domain in a list used by exim for that router.
Thank you so much for these pointers and examples.

A smarthost for DA only is probably the first thing we'll do.

Then perhaps a plugin for DA so that each user can set their own smarthost.
This will minimize the SPAM problem.

The most complicated seems to be the feature to set the smarthost from admin level as per client order.
This is so needed, I wonder if the DA team could get this done?

In lack of the above, is there a way to limit new users to just xx emails / week?
Can one configure DA so that only forwarders are available to customers, no other email features?
 
Back
Top