On Sat, 15 Apr 2023, Sebastian Arcus via Exim-users wrote:
On 15/04/2023 21:20, Evgeniy Berdnikov via Exim-users wrote:
On Sat, Apr 15, 2023 at 08:44:08PM +0100, Sebastian Arcus via Exim-users
wrote:
These are all separate servers belonging to different organisations. They
each host their own mail domain and users. This can't be changed. I am not
looking to do load balancing. I am looking to share the public IP address
and PTR record these servers use for incoming and outgoing smtp
connections.
This formulation is significantly different from the original one, which
was about SNI and all that. This task has no relation to SNI, TLS, etc.
With wrong questions you have minimal chances to get relevant answers.
You are correct - thinking some more about it, all outside connections would
be connecting to the same FQDN. SNI would play no part in it. Sorry for the
confusion. It seems that using Exim as a front end relaying to back-end
servers seems to be the right solution.
I see this front-end machine as a backup MX server. That way the real
machines will get the mail most of the time, but if/when the real machine
has a new ip address that doesn't match the MX, the front-end machine will
receive the mail and pass it on to the corrected IP.
BTW, using single public IP/gateway you create a single point of failure
for all domains/organizations.
That is also very true, and I have considered it. On balancing the advantages
and disadvantages of the setup, it will be a risk I will have to accept. Or
possibly end up with two of these cloud / front-end servers setup as the 2
MX's for all domains.
If the real server and the front-end machine are both in the MX records,
provided that you still control the IP addresses, losing either machine
wont stop the mail from getting through.
I don't know what sort of latency there will be between these machines,
but you might be able to use cutthrough delivery from the front-end to the
real server, which might allow you to reject rather than bounce some of
the time; it might even help with your SPF dilemma ?
--
Andrew C. Aitchison Kendal, UK
and...@aitchison.me.uk
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/