Possible to use multiple Accounts with multiple "relays"
SMTP email proxy and relay server
Brought to you by:
graeme_walker
Menu
▾
▴
#100 Possible to use multiple Accounts with multiple "relays"
Hi there,
is it posible to add multiple Accounts. No you can't imagine what I mean by this. so here is my usecase.
We have an Exchange Cluster on prem. We can't send anonymous over Port 25.
From our internal network there are many IoT devices which need to send emails to that exchange cluster.
Right now printers use scan to mail and route it through the relay. (We have many different manufactures and ages, its horrible) This works pretty fine, no problems.
So now we also have other stuff like thermostats, switches, .... These devises also need to send mails. The relay only logs in with the printer user. So every device is shown to the recipient as printer send an email.
So yes I could rename that account to a noreply or whatever, but that is not the question.
When I read through the documentation I stumbled across your in-/out-/other- section.
Could something like that be accomplished with multiple servers?
Lets say the scanserver, iotserver, and some others?
If yes what would I need to do?
Or is it otherwise probable to tell the relay if user iot "logs in" relay it with the iot Exchange account and if the scanuser logs in relay as the scan user?
If you can't understand my intention feel free to ask.
Also if this is out of the question, I would like to make a feature suggestion.
The easiest thing would be to use a filter script to edit the various From headers -- but perhaps your Exchange configuration overwrites them or requires them to match the authentication account?
So then you want each group of submitting devices to use their own account when authenticating with the Exchange server?
You could use multiple emailrelay configuration instances, like the in/out/other example in the documentation -- but then those configuration instances cannot all use port 25 (although I suppose they could listen on separate network interfaces).
Or you could use 'client selectors': list all the Exchange accounts in the client secrets file with an arbitrary 'account-selector' key, and then write a filter script to set an appropriate client-selector value in the envelope file depending on the sender's IP address, envelope-from, From: headers, etc.
Yes the Exchange need all accounts to match, we only uses encrypted communication and no Anonymus, no port 25.
Yes basically every device has an account, but with 2 firewalls and a Service Provider it is such an hassle to allow every single one, so we group them together and relay under now 1 account per group.
It would be cool if could just tell the service to listen to multiple ports on one interface. so lets say ---in- listens on 465, --iot- listens on 44444 --term- on 44446 and then --in-foward- --term-forward with its own accounts.
Okay the filters, there I'll have to go through the documentation again on how to write them and in what language
If your devices can be configured to send to any port, not just 25, then you should probably go for the multiple-configurations approach. You can put the account details straight into the emailrelay configuration file (ie. "client-auth plain:YWxpY2U=: c2VjcmV0"), otherwise you would need one secrets file per account. No scripting required.
FWIW there are some example scripts in the distribution, using perl on unix and javascript on windows.