routing a qmail setup
hello, first of all, sorry for the subject, I didn't know who to clearly explain what I'm trying to do in a line. My setup is simple: - I've got 2 qmail servers, one co-located and one internal to my company, with dial-up connection. - Both think they are *.scim.net MX - Upon dial-up connection, the internal server uses fetchmail to download mail for local users and I send an ALRM signal to qmail-send. the problem is here: qmail-send sends the remote mail directly to the recipients MX, and those are somethimes flaky (hotmail accounts, specially), so it keeps trying for a long time until the mail is sent or the delay is so long the the connection times out and disconnects. [ important point here, the dial-up connection (through pppd) is set to hangup when it reached a certain time of inactivity ] what I want it to do is: - route all the 'remote' mail to the online server. - the remote server should RELAY those mail, but ... only from me (don't really want to be an open relay). But hey! I'm on a dial-up acc - dynamic ip ... I really think it *should* be possible to 'route' all my traffic through the co-located server, but can I keep it from being an open relay? thanks in advance, specially if you read this long, long posting! martin [just getting in terms with qmail]
RE: routing a qmail setup
- I've got 2 qmail servers, one co-located and one internal to my company, with dial-up connection. - Both think they are *.scim.net MX - Upon dial-up connection, the internal server uses fetchmail to download mail for local users and I send an ALRM signal to qmail-send. ... what I want it to do is: - route all the 'remote' mail to the online server. - the remote server should RELAY those mail, but ... only from me (don't really want to be an open relay). But hey! I'm on a dial-up acc - dynamic ip ... I really think it *should* be possible to 'route' all my traffic through the co-located server, but can I keep it from being an open relay? On internal.scim.net, your smtproutes should contain the following: :external.scim.net That way, all domains not local will be forwarded to external.scim.net for relay. external.scim.net must allow selective relaying; if you're using tcpserver, then add the IP address of internal.scim.net followed by ':allow,RELAYCLIENT=""' into /etc/tcp.smtp and type 'tcprules /etc/tcp.smtp.cdb /tmp/tcp.tmp /etc/tcp.smtp' (This is paraphrasing Michael Samuel's detailed "How to selective relay" instructions at http://qmail-docs.surfdirect.com.au/docs/qmail-antirelay.html, which seems to be not responding right now. -- gowen -- Greg Owen -- [EMAIL PROTECTED]
Re: routing a qmail setup
greg, the 'internal' part of the solution works great, thanks! Regarding the 'external' part of the solution ... you wrote external.scim.net must allow selective relaying; if you're using tcpserver, then add the IP address of internal.scim.net followed by ':allow,RELAYCLIENT=""' into /etc/tcp.smtp and type 'tcprules /etc/tcp.smtp.cdb /tmp/tcp.tmp /etc/tcp.smtp' but I have a dynamic IP address! [because of the dial-up connection]. is there a reasonable way to authenticate my server with tcpserver? is there a suitable mailing list to ask about tcpserver? martin
Re: routing a qmail setup
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 19 Jul 00, at 12:46, martin langhoff wrote: but I have a dynamic IP address! [because of the dial-up connection]. is there a reasonable way to authenticate my server with tcpserver? Do you want to relay through your server? (The proper way, usually, is to relay through your ISP's server; they know their dialup netblock IP.) If yes, you may want to consider one of the following possibilities: 1. ssh tunel 2. ssl tunel 3. POP3-before-SMTP (yes, it can work for relaying, too) 4. some other way you tell your machine your IP to be able to relay -BEGIN PGP SIGNATURE- Version: PGP 6.0.2 -- QDPGP 2.60 Comment: http://community.wow.net/grt/qdpgp.html iQA/AwUBOXXBdVMwP8g7qbw/EQJ5ogCfbTxtW0HuKXSYmTu5YdYte8MOf3MAnRAG aeekor2IL/ydsJ/bW1cPdQ8Q =Pjuc -END PGP SIGNATURE- -- Petr Novotny, ANTEK CS [EMAIL PROTECTED] http://www.antek.cz PGP key ID: 0x3BA9BC3F -- Don't you know there ain't no devil there's just God when he's drunk. [Tom Waits]
RE: routing a qmail setup
but I have a dynamic IP address! [because of the dial-up connection]. Oops, missed that part. I'm making wild guesses now, but you could script something to use the POP-before-SMTP patch, or you could just write a password protected web script on the external server that updates the tcp.smtp rules automatically, and which is automatically run when your dialup comes up. -- gowen -- Greg Owen -- [EMAIL PROTECTED]
Re: routing a qmail setup
Petr. true! of course they do know their own IPs! I had been thinking how could I seduce one of their sysadmins to hand their dial-up IPs, and how could I keep it sync'ed (they are growing fast). The answer was right there... Thanks!!! martin Petr Novotny wrote: (The proper way, usually, is to relay through your ISP's server; they know their dialup netblock IP.)
