[plug] Exim4 as a secondary MX in virtual domain applications

Brad Campbell brad at fnarfbargle.com
Tue Oct 12 17:49:17 WST 2010 

G'day all,

I've found absolutely zero useful information on this so I thought I'd post what I have in case it's 
useful for someone (anyone?).

I've got Exim4 configured for virtual domains as detailed here : 
http://www.debian-administration.org/articles/140

It's dead easy to add a new entry, just create the file and put some recipients in it.

Now, for overly complex reasons I'm going to be hosting my main MX on the end of my ADSL at home 
with a static IP, but for other less complex reasons it's quite possible for it to be down for hours 
at a time.

As I have a co-lo server elsewhere, I thought it'd be nice to have it function as a proper backup 
MX. This means verifying users and doing bounces/greylisting locally to prevent backscatter.

The easiest way I could see to do that was if I could just keep my /etc/exim/virtualservers updated 
with rsync. To make matters more complex, I actually *want* to host some domains on that machine.

I resolved this by creating /etc/exim/secondary, to which I sync the contents of 
/etc/exim/virtualhosts from my home server.

To make this work I modify /etc/exim.conf.localmacros as follows :

MAIN_LOCAL_DOMAINS = @:localhost:dsearch;/etc/exim4/virtualhosts:dsearch;/etc/exim4/secondary

And I insert the following into /etc/exim/update-exim4.conf.conf just after the clause I inserted 
from the aforementioned web page.

vdom_secondary:
   driver = manualroute
   domains = dsearch;/etc/exim4/secondary
   condition = ${expand:${lookup{$local_part}lsearch*@{/etc/exim4/secondary/$domain}}}
   transport = remote_smtp
   route_list = * 10.8.0.1
   host_find_failed = defer
   same_domain_copy_routing = yes
   no_more

Where 10.8.0.1 is the internal VPN address of the primary server. Externally routeable addresses 
work just as well.

Now any domain in /etc/exim/secondaries gets user verified and then forwarded as soon as the primary 
is up (an ssh with exim -qff ensures the queue gets flushed quickly). Anything otherwise configured 
behaves normally.

There's probably an easier way to do it using other tools, but this works for me.

Regards,
Brad

More information about the plug mailing list