My Favourites
opensubscriber
   Find in this group all groups
Home     Log In     Sign Up     FAQ    
 
Unknown more information…
c : courier-users@lists.sourceforge.net 21 April 2012 • 1:19PM -0400

Re: [courier-users] Multiple SSL certs on multiple IPs
by Mark Constable

REPLY TO AUTHOR
 
REPLY TO GROUP



On 20/04/12 13:36, Sam Varshavchik wrote:
> Yes, well, it's really more than just that. I now understand
> what's going on here, and there's a bit more stuff here in play.
> You can listen on multiple IPs just fine. What also needs to be
> done is also to save which IP address each message was received
> from, and then use that IP address in case that message ever
> goes out via SMTP again, in addition to using an IP
> address-specific configuration.

Perhaps if SOURCE_ADDRESS is a single IP then it behaves as it does
now and sends all outgoing traffic via the interface associated
with that IP. If...

SOURCE_ADDRESS = 0.0.0.0
SOURCE_ADDRESS = xx.xx.xx.xx/24
SOURCE_ADDRESS = xx.xx.xx.1, xx.xx.xx.2, xx.xx.xx.3

AND the incoming connection is authenticated then Courier looks
for one single extra bit of information in the message stored in
the mailq for the IP associated with the incoming SMTP connection.
It would take one extra field in the data files in /var/lib/courier/
and it may as well be reflected in the Received header if it doesn't
break any RFCs, something like...

Received: from mypc (adsl.pigpond.com [::ffff:xx.xx.xx.xx])
  (AUTH: LOGIN jo@blo...., SSL: TLSv1/SSLv3,128bits,AES128-SHA)
  by vdomain1.com ([::ffff:12.34.35.67]) with esmtp; Tue, 17 Apr 2012 16:40:15 +1000
  id 0000803F.4F8D104F.00001A8A

Courier has to work out the default interface versus whatever
SOURCE_ADDRESS is set to so around that part of the code it could
"just" do a bit of extra fiddling to make a call on sending the
queued massage out the same IP it came in on. vdomain1.com is also
in the queued data file so use that in the SMTP exchange as well.

------------------------------------------------------------------------------
For Developers, A Lot Can Happen In A Second.
Boundary is the first to Know...and Tell You.
Monitor Your Applications in Ultra-Fine Resolution. Try it FREE!
http://p.sf.net/sfu/Boundary-d2dvs2
_______________________________________________
courier-users mailing list
courier-users@list...
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Bookmark with:

Delicious   Digg   reddit   Facebook   StumbleUpon

Related Messages

opensubscriber is not affiliated with the authors of this message nor responsible for its content.
© opensubscriber 2010
All rights reserved.

Alternate link - Alternate link