LINUX.ORG.RU

EXIM MTA, relay configuration

 



Please advise how to correctly configure a relay based on EXIM.

The setup is simple: there is a main EXIM mail server, which already receives mail and works as it should.

I want to add a relay elsewhere in the world that would forward mail to the main mail server when a correspondent fails to send mail to the main one. Ideally it [the relay] would deliver to the main server over SSL.

On the relay: Exim version 4.98.2 #2 built 26-Mar-2025 15:44:10

Config:


primary_hostname = mail5._my_domain_.com

domainlist local_domains = _my_domain_.com

domainlist relay_to_domains = _my_domain_.com

hostlist   relay_from_hosts =   *

domainlist trusted_domains = *

hostlist trusted_hosts = *

qualify_domain = _my_domain_.com

auth_advertise_hosts = *
daemon_smtp_ports = 25 : 465

tls_on_connect_ports = 465
tls_advertise_hosts = *

tls_certificate = /etc/letsencrypt/live/mail5._my_domain_.com/fullchain.pem
tls_privatekey  = /etc/letsencrypt/live/mail5._my_domain_.com/privkey.pem

tls_require_ciphers = AES128+EECDH:AES128+EDH
openssl_options = +no_sslv2 +no_sslv3

log_selector = \
         +all_parents \
         +lost_incoming_connection \
         +received_sender \
         +received_recipients \
         +smtp_confirmation \
         +smtp_syntax_error \
         +smtp_protocol_error \
         -queue_run

allow_domain_literals = false

never_users = root:daemon:bin:sync:named
host_lookup = *
rfc1413_hosts = *
rfc1413_query_timeout = 0s
ignore_bounce_errors_after = 30m
timeout_frozen_after = 3d
freeze_tell = postmaster
auto_thaw = 1h
message_size_limit = 100M
smtp_accept_max = 50
smtp_accept_max_per_connection = 50
smtp_connect_backlog = 50
smtp_accept_max_per_host = 25
split_spool_directory = true
remote_max_parallel = 15


begin acl

acl_check_rcpt:
   accept  domains       = +local_domains
           endpass

acl_check_data:

  accept hosts  = *

  # finally accept all the rest
 accept


begin routers

dnslookup:
   driver = dnslookup
   domains = ! +local_domains
   transport = remote_smtp
   ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
   no_more

_my_domain__router:
    driver = manualroute
    domains = +relay_to_domains
    transport = remote_smtp
    route_list = * mail._my_domain_.com
    no_more


begin transports


# _my_domain_ DKIM
remote_smtp:
   driver = smtp
   dkim_domain           = _my_domain_.com
   dkim_selector         = dkim
   dkim_private_key      = /etc/exim/dkim/_my_domain_.com.key
   dkim_canon            = relaxed
   dkim_strict           = true
   dkim_sign_headers     = From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:Precedence:X-RT-Loop-Prevention:RT-Ticket:Managed-by:RT-Originator:X-RT-Original-Encodi


address_pipe:
   driver = pipe
   return_output

address_file:
   driver = appendfile
   delivery_date_add
   envelope_to_add
   return_path_add

address_reply:
   driver = autoreply



begin retry
*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h


begin rewrite


Checking:

# exim -bt postmaster@_my_domain_.com
postmaster@_my_domain_.com
  router = _my_domain__router, transport = remote_smtp
  host mail._my_domain_.com [xxx.xxx.xxx.xxx]

i.e. it seems to be recognized correctly

but this way it does not work

[root@vdss1 exim]# exim -v root@_my_domain_.com
LOG: MAIN
  Warning: purging the environment.
 Suggested action: use keep_environment.
From: root@_my_domain_.com
To: postmaster@_my_domain_.com
Subject: Testing EXIM

test

.


^Z
[10]+  Stopped                 exim -v root@_my_domain_.com

i.e. instead of reporting that the message was accepted, it is waiting for something

meanwhile the message itself never arrives, but [later] an error notice comes back (!)

This message was created automatically by mail delivery software.
A message that you sent has not yet been delivered to one or more of its
recipients after more than 72 hours on the queue on mail5._my_domain_.com.

The message identifier is:     1uoR8E-00000000E7t-2Ytd
The subject of the message is: Testing EXIM
The date of the message is:    Thu, 21 Aug 2025 10:58:20 -0400

The address to which the message has not yet been delivered is:

  postmaster@_my_domain_.com
    Delay reason: H=mail._my_domain_.com [xxx.xxx.xxx.xxx]:
    SMTP error from remote mail server after RCPT TO:<postmaster@_my_domain_.com>:
    421 Unexpected failure, please try later

Trying to send by hand over SMTP:

# telnet vdss1._my_domain_.com 25
Trying [xxx.xxx.xxx.xxx]...
Connected to vdss1._my_domain_.com.
Escape character is '^]'.
220 mail5._my_domain_.com ESMTP Exim 4.98.2 Fri, 22 Aug 2025 21:41:38 -0400
helo _my_domain_.com
250 mail5._my_domain_.com Hello vdss2._my_domain_.com [yyy.yyy.yyy.yyy]
mail from:<root@_my_domain_.com>
250 OK
rcpt to:<root@_my_domain_.com>
550 Administrative prohibition

500 unrecognized command

500 unrecognized command
^C

Connection closed by foreign host.

i.e. I am doing something wrong somewhere

Please advise.



Last edited by: Nagisa (1 edit in total)
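A small static check run over the configuration as posted above, added here as an example and not part of the original post. It flags ACLs that no `acl_smtp_*` option references (Exim's documented default for an unset `acl_smtp_rcpt` is to deny every RCPT), host lists set to `*`, and `smtp` transports that do not enforce TLS to the next hop. The function names `parse` and `audit` and the embedded config excerpt are constructed for illustration.

```python
import re

# Constructed excerpt: only the lines of the posted config that the checks below read.
POSTED_CONFIG = """\
domainlist relay_to_domains = _my_domain_.com
hostlist   relay_from_hosts =   *
begin acl
acl_check_rcpt:
   accept  domains       = +local_domains
           endpass
acl_check_data:
  accept hosts  = *
begin transports
remote_smtp:
   driver = smtp
   dkim_domain           = _my_domain_.com
address_pipe:
   driver = pipe
"""

def parse(text):
    """Return {section: {block: {option: value}}}; main-section options live in block ''."""
    sections, section, block = {"main": {"": {}}}, "main", ""
    for line in map(str.strip, re.sub(r"\\\n", " ", text).splitlines()):
        if m := re.fullmatch(r"begin\s+(\w+)", line):
            section, block = m.group(1), ""
        elif section != "main" and (m := re.fullmatch(r"(\w+):", line)):
            block = m.group(1)
            sections.setdefault(section, {})[block] = {}
        elif line and not line.startswith("#"):
            key, _, value = line.partition("=")
            sections.setdefault(section, {}).setdefault(block, {})[key.strip()] = value.strip()
    return sections

def audit(text):
    cfg = parse(text)
    main, findings = cfg["main"][""], []
    wired = {v for k, v in main.items() if k.startswith("acl_smtp_")}  # ACL names in use
    if "acl_smtp_rcpt" not in main:
        findings.append("acl_smtp_rcpt is unset: Exim denies every RCPT by default")
    for name in [n for n in cfg.get("acl", {}) if n and n not in wired]:
        findings.append(f"ACL {name} is defined but no acl_smtp_* option points at it")
    for key, value in main.items():
        if (m := re.fullmatch(r"hostlist\s+(\w+)", key)) and value == "*":
            findings.append(f"hostlist {m.group(1)} matches every host")
    for name, opts in cfg.get("transports", {}).items():
        if opts.get("driver") == "smtp" and "hosts_require_tls" not in opts:
            findings.append(f"transport {name} does not set hosts_require_tls; TLS is not enforced")
    return findings
```

Calling `audit(POSTED_CONFIG)` returns five findings; a copy of the config with `acl_smtp_rcpt` and `acl_smtp_data` set, a narrowed `relay_from_hosts`, and `hosts_require_tls = *` on the transport returns none.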