Peter Marenbach <[EMAIL PROTECTED]> wrote:
> > >
> > > I'm planning to use qmail in a ASP type setup. Therefore, I would
> > > like to overwrite the locals table with respect to the IP address
> > > of the SMTP client. With tcpserver it is possible to set
> > > environment variables depending on the client address. However, I
> > > did not find a way to set the locals through this mechanism.
> >
> > What problem are you trying to solve? It sounds like you should be
> > using a virtual domain manager package (like vmailmgr), but you
> > haven't described what you are trying to accomplish -- instead,
> > you've told us what your proposed solution is.
> >
> > Instead, tell us the original problem. Then we can suggest
> > solutions; if you're not familiar with qmail, then the "right"
> > solution frequently isn't an obvious one.
> Okay, let me try to describe what I want to do. The server should host
> the mailservice for multiple VPNs. Each of these VPNs accesses the
> server through a proxy with a dedicated IP address. Up to now
> everything is fine. Now, I want to add a virus wall or other security
> services for some of the VPNs. This would mean that I want the server
> only accept those domains for local delivery that belong to the IP
> address (i.e. to the VPN) they came in from. Mail to other domains,
> even if they are hosted on the same server, should be relayed to an
> public mailserver and would then be treated as any other incoming mail
> from the internet.
> a small picture to make things clearer
>
>
> FW A - VPN A - PX A
> / \
> the - FW B - VPN B - PX B - qmail
> internet \ / server
> ^ FW C - VPN C - PX C |
> | |
> |-------non-local mail relay---------|
>
>
> legend:
> - VPN x are different virtual private networks
> - FW x are VPN specific firewalls
> - PX x are VPN specific mail proxies
>
> The goal is to
> - use a common qmail server
> - not need to have multiple firewalls for each VPN
I'm sorry, but it's still not clear. Let's be concrete. You haven't
given us real domain names or anything, so this is more difficult -- I
will have to use made-up names.
qmail will operate on one box (mail.yourdomain.tld). It hosts mail
services for several customers (customer-a.tld, customer-b.tld,
customer-c.tld).
The part which is really confusing is this: you said "I want the server
only accept those domains for local delivery that belong to the IP
address they came in from". I don't understand. Does this mean you
want qmail to only accept mail for cutomer-a.tld if the connection
originates from the IP address of the "proxy" (What kind of proxy?) for
customer-a? What if mail comes from somewhere on the internet addressed
to [EMAIL PROTECTED]? That mail bounces?
Then, you say "Mail to other domains, even if they are hosted on the
same server, should be relayed to an public mailserver and would then be
treated as any other incoming mail from the internet." I have no idea
what you mean; someone on the local machine injects mail to a local
domain, but you want qmail to NOT deliver it locally?
We need a _much_ better and clearer explanation. I still think you're
trying to explain your proposed solution to a problem when you haven't
yet explained what the actual problem is.
Charles
--
-----------------------------------------------------------------------
Charles Cazabon <[EMAIL PROTECTED]>
GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/
-----------------------------------------------------------------------
