[H-GEN] Fun with exim

Anthony Towns aj at azure.humbug.org.au
Wed Aug 5 13:35:35 EDT 1998


Hello world,

A story.

I'm admining a small LAN. It has a RH Linux box [0] as its main
file server, print server, backup server and gateway [1].

And since the 'net is the Way of the Future, we want web access [2]
and email and stuff like that. We had problems getting diald to work
properly [after a day or 12 hours or something it would just stop paying
attention and coming up. A manual restart would fix it, but automatic
restarts wouldn't, stuff like that], and switched to a cheap tacky ISP
with a pseudo-permanent connection (dialup at 9, get hung up on at 1,
dial back up, get hung up on at 5, dial back up, hang up at 7, atm).

It works. Well enough.

For web access, anyway. Outgoing mail too.

Incoming mail is currently handled by a bunch of POP drop boxes handled
by OzEmail [3]. POP boxes with fairly crappy domain names, limits on
the lengths of usernames (between four and eight characters or similar)
and extra charges whenever you want to add a new name.

It works.

Not as well as it might however.

There are, in particular, the following problems:

	* We don't have any direct control over adding new addresses.

	* After getting a new address created, the system .fetchmailrc 
	  file has to be changed to get mail from that address with the
	  given password and move it to the appropriate user's mailbox.

	* Getting mail takes an unreasonable amount of time to realise
	  "Hey, there's no mail here!".

Sure, it's tolerable, but, well...

So the current plan is to get our own domain, host it on azure, and
basically do it all ourselves. Getting the domain has a few other
uses than just easing my discomfort at the above; in particular it
moves us right away from OzEmail, and lets us build a website.

But just having a domain isn't enough to solve the mail problem, not
with dynamic IPs. You still need some way of fetching the mail.

For the reasons above, and the fact that I didn't want to create real
users for any of the mail aliases I want to serve on azure, fetchmail
and POP weren't really worth considering. I probably could've used the
multi-drop mailbox feature of fetchmail to good effect, but I've heard
bad things about it, and don't really trust it to preserve the recipient
properly. And sendmail didn't seem particularly plausible either --
getting past the dynamic address seemed like it'd require hacking named
more than I was really comfortable with.

So that left, basically, some weird hacked together solution.

Namely, UUCP.

Now, I didn't think of this myself -- I wanted to make my own shar of
the mail, and have unpacking the shar deliver that mail automagically.
So when mail arrived, azure would append something like:
	/usr/lib/sendmail [to address] <<EOF
	[mail body]
	EOF
to foo.shar. When foo came online, it'd get a copy of that file, and
run it. I hadn't worked out quite how to go about getting rid of "read"
mail.

But Jason Parker managed to point me to the Right Way of doing it.

From the dust and cobwebbed shadows of ages past he proffered UUCP as
the solution to my woes.

And it was.

The setup is basically intended to be as follows:


       ,--- mail to users in Deniliquin, NSW --> [ deni.lovetts.com.au ]
      /
   [ azure ] <--- incoming mail --- [ Internet ]
      \
       `--- mail to users in Brisbane, Qld ---> [ chronos.lovetts.com.au ]

Mail to, say, aj at lovetts.com.au needs to be picked up by chronos, while
mail to steve at lovetts.com.au has to go to deni.lovetts.com.au. And so on.

This part is fairly easy and standard to implement. The way I did it
was to set up an aliases.lovetts file, with contents like:

    aj:             aj@chronos.lovetts.com.au
    steve:          sal@deni.lovetts.com.au
    admin:          aj@azure.humbug.org.au,
                    admin@chronos.lovetts.com.au,
                    admin@deni.lovetts.com.au

and a directory entry to tell exim to use that file when handling addresses
within *@lovetts.com.au:

    lovetts_domain:
      driver = aliasfile
      domains = lovetts.com.au
      file = /etc/aliases.lovetts
      no_more
      search_type = lsearch
                          
This lets exim handle all deliveries to the lovetts.com.au domain locally,
but leaves us with {deni,chronos}.lovetts.com.au to handle. We don't want
to do very much with these, though -- we just want to forward them to the
host by some means.

So since we've decided UUCP is a good store and forward mechanism, we need
to make a transport that handles that. It's really hard. Cut and paste it
from the docs under /usr/doc/exim/.

    uucp:
      driver = pipe
      user = uucp
      directory = "/var/tmp"
      restrict_to_path
      path = "/usr/bin:/bin"
      command = "uux - -a$sender_address -r $host\!rmail ($local_part@$domain)"
      return_fail_output              

And then all that's left is writing a router rule to tell it to use
that transport when dealing with chronos and deni. Which is again a matter
of cutting and pasting.

    lovetts_subdomain:
      driver = domainlist
      route_list = "chronos.lovetts.com.au   chronos;  \
                    deni.lovetts.com.au      deni"
      transport = uucp  

And that's it.

Mail to foo at lovetts.com.au is spooled via UUCP to the appropriate
computer.

I'm yet to work out how to get that spool to the computer it's waiting
for, of course, but still. Hopefully, I'll be able to just set up UUCP
to listen on the uucpd socket, or just get it to talk over ssh.

And what have I got?

If there's a new staff member, getting email is just a matter of adding
an account on the appropriate fileserver, and adding a single line to
/etc/aliases.lovetts. If someone goes away, delete the line. Someone
moves offices, replace chronos with deni or vice-versa and set up the
accounts on the fileservers.

And azure just gets to sit there unperturbed except for an extra file
in /etc. No new users, no nothing.

Anyway.

I'm pleased.

Cheers,
aj

[0] I know.

[1] I know.

[2] The guy who made the MSIE icon get called "The Internet" has
    a nice place in Hell reserved for him.

[3] I know.

-- 
Anthony Towns <aj at humbug.org.au> <http://azure.humbug.org.au/~aj/>
I don't speak for anyone save myself. PGP encrypted mail preferred.

Remember to breathe.
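
Added example, not part of the original post: a small Python model of the setup described above (alias file lookup for lovetts.com.au, then the subdomain route to a UUCP host), useful for checking an edited aliases.lovetts before exim sees it. The function names, the local-part policy regex and the "flagged"/"other" labels are assumptions; the alias and route data are constructed copies of the post's examples with "@" written out.

```python
import re

# Constructed copy of the post's /etc/aliases.lovetts ("key: value" lines).
ALIASES = """\
aj:             aj@chronos.lovetts.com.au
steve:          sal@deni.lovetts.com.au
admin:          aj@azure.humbug.org.au,
                admin@chronos.lovetts.com.au,
                admin@deni.lovetts.com.au
"""
# Mirrors the route_list of the lovetts_subdomain router: domain -> UUCP host.
ROUTES = {"chronos.lovetts.com.au": "chronos", "deni.lovetts.com.au": "deni"}
DOMAIN = "lovetts.com.au"
SAFE_LOCAL = re.compile(r"^[A-Za-z0-9._+-]+$")  # assumption: conservative policy

def parse_aliases(text):
    """Parse the alias text into {alias: [targets]}, joining continuation lines."""
    table, key = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and key:
            value = line                      # continuation of the previous alias
        else:
            key, _, value = line.partition(":")
            key = key.strip().lower()
            table[key] = []
        table[key] += [t.strip() for t in value.split(",") if t.strip()]
    return table

def deliveries(rcpt, sender, table):
    """Return (kind, detail) pairs describing where mail for rcpt would go."""
    local, _, domain = rcpt.lower().partition("@")
    if domain != DOMAIN:
        return [("other", rcpt)]
    if local not in table:
        return [("bounce", rcpt)]             # no_more: nothing else may try it
    out = []
    for target in table[local]:
        tlocal, _, tdomain = target.partition("@")
        if tdomain in ROUTES and SAFE_LOCAL.match(tlocal):
            # Argument list in the shape of the uucp transport's command line.
            out.append(("uucp", ["uux", "-", "-a" + sender, "-r",
                                 ROUTES[tdomain] + "!rmail", "(" + target + ")"]))
        elif tdomain in ROUTES or tdomain.endswith("." + DOMAIN):
            out.append(("flagged", target))   # no route, or odd local part
        else:
            out.append(("other", target))     # left to exim's remaining config
    return out
```

A "flagged" result marks an alias target inside lovetts.com.au that the route list cannot hand to UUCP, which is the typo an edit to the alias file is most likely to introduce.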