hi, i've started to setup a dual-exim ("edge" + "core") setup
my primary goals are: (1) use "edge" exim to filter/reject non-legit mail @ SMTP connect (2) minimize traffic to & between edge/core exim (3) minimize CPU/RAM util by "edge" (4) enusre proper response notification to original sender in smtp chat from BOTH edge/core servers (5) single-source smtp AUTH (dovecot) and account data so far, i'm good with (1),(2), (3) & half of (5). my question HERE is: re: (4), how do I _correctly_ send content scaning rejects/notices from "core" exim back to the original sender, NOT just back to the "edge" exim? to date, i've done all this in one exim server, and haven't worried about the sequence of the transaction -- simply because i didn't have to. now that i'm splitting tasks, that's chaged ... my 1st thought is that since, at AV/AS content scanning, the message is received and we're past SMTP transaction, the REJECT needs be a mail message back to sender. but i'm not clear about the 'right' response. it had been suggested on this list that CALLOUTS be used. tbh, i'm simply comfused as to what/where/how. any/all guidance would be much appreciated! i'll start with providing the following summmary detail -- happy to provide anything else; just not sure what all matters, yet. thanks! the config is: [NET] | | ----------------------- [ROUTER/FIREWALL] "edge" ext IP: 1.2.3.4 int IP: 127.0.0.1 10.0.0.1 10.0.0.50 freebsd 6.2R/p5 + pf exim 4.67, from ports ----------------------- | | ----------------------- [MAIL-/FILE-SERVER] "core" IP: 127.0.0.1 10.0.0.51 osx 10.4.9 exim 4.67, from src clamav-dev, from src spamassassin-dev, from src dovecot 1.0-trunk, from src ----------------------- pf is configured to: redirect (NAT) inbound to 1.2.3.4 port 25 -> 10.0.0.50 port 25 "edge" exim is configured: listening on 127.0.0.1, 10.0.0.50 as a sendmail replacement for local delivery for inbound relaying NO outbound relaying with active filtering in ACLs, acl_smtp_connect acl_smtp_helo acl_smtp_mail acl_smtp_mime acl_smtp_rcpt with NO content scanning (AS/AV) routers for: local_delivery remote_smtp "core" exim is configured: listening on 127.0.0.1, 10.0.0.51 as a sendmail replacement for local delivery for inbound relaying for outbound relaying (from LAN MUAs etc) with 'just' content scanning/filtering (AS/AV) in data ACL routers for: local_delivery remote_smtp lmtp_delivery (to dovecot) shared auth with dovecot -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/