On Sat, 15 Apr 2023, Sebastian Arcus wrote:

On 15/04/2023 18:44, Andrew C Aitchison wrote:
On Sat, 15 Apr 2023, Sebastian Arcus via Exim-users wrote:

I have a number of Exim servers behind a NAT gateway (actually connected with VPNs to a cloud VPS - but I'm hoping this is not relevant to this post). I would like the gateway to send incoming port 25 traffic to the correct Exim server based on SNI in incoming TLS packets - as different Exim instances serve different email domains. The setup would look like this:

                     [Internet]
                         |
                         |
                   (smtp port 25)
                         |
                         v
                         |
                  [Cloud server]
                         |
                         v
                         |
      ----------------------------------------
      |                  |                   |
      |                  |                   |
[Exim server 1]    [Exim server 2]    [Exim server 3]


I would have preferred to do this at iptables level - but apparently not really possible. It seems the next option would be HAProxy. Has anyone here used HAProxy or run a setup as above, or know if this is actually doable? Any suggestions much appreciated.


Since you have different domains, my first thought would just be to
assign them different MXes with different IPs ...

This is the situation now. But managing a full set of internet connections with fixed IP addresses and reverse DNS records is turning into a major drag. Every time the internet connection on one of the boxes has to change provider, it becomes a whole project managing the migration, with downtime while the provider assigns a PTR record to the connection. On occasion it has taken 2 weeks. This is why I would like to have all boxes use one single public IP address and one PTR record through the VPS / cloud server for SMTP purposes, with the VPS acting as an SMTP proxy / gateway.

Ah.

I've only done it with physical local machines, where
it was easy to move an IP address from one box to another.
I had an IP address for each box and one for each domain,
so I could just move the domain IP address to another machine
when necessary. No need to change the DNS at all.
Not necessarily something you can do with a cloud.

--
Andrew C. Aitchison                      Kendal, UK
                   and...@aitchison.me.uk
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
