Mailing List Archive

Routing based on *recipient* IP address
Hi guys

TL;DR: how can i route, to a specific smarthost, all email based on
the *recipient* mx IP address ?

Long version:

I have a mail server hosted on Google Cloud that can't reach some
"restricted" countries, like Cuba, Iran, Syria and so on.

A customer of us, has a department located in Iran and is unable to
communicate to them, so i've started an AWS instance (that is able to
reach the remote iran server) and i would like to route, from my GCE
instance all email that should be routed to an iran IP address (i have
a list, downloaded from ipdeny.com), to my AWS instance.

I can check for the remote MX in the transport, but:
1. i'm getting a list of multiple hosts
2. i need to convert one (or more) of them to IP addresses
3. i need to check if at least one of these IP is inside a file
(automatically updated from ipdeny.com)

I don't know how to start.
Any help, or any better solution ? Checking the recipient TLD would be
much easier but not all recipients ends in ".in"

Currently, as workaround, i've set the AWS as fallback_host, because
when an email is routed to Iran, goes in timeout and then routed to
the fallback_host, but this is no good because is routing through AWS
all emails that are triggering a timeout but I need to route *only*
emails to some ip addresses

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: Routing based on *recipient* IP address
On 26/10/2023 10:08, Gandalf Corvotempesta via Exim-users wrote:
> TL;DR: how can i route, to a specific smarthost, all email based on
> the *recipient* mx IP address ?

- a manualroute router, pointing to the required smarthost
- placed in the routing chain early, to strip out from the
general "deliver to the MX" externals
- with a complicated "condition" to decide when it triggers
- condition does a dnsdb lookup, for mx
and matches the required IP address

- you get to pick what "matches" means. Will there always be only one?
Do you need to check for one specific in a possible list returned for
the MX lookup? Do you have a list of possibles?

--
Cheers,
Jeremy


Re: Routing based on *recipient* IP address
On Thu 26 Oct 2023 at 11:48, Jeremy Harris via Exim-users
<exim-users@lists.exim.org> wrote:
> - a manualroute router, pointing to the required smarthost
Ok

> - placed in the routing chain early, to strip out from the
> general "deliver to the MX" externals

Ok.

> - with a complicated "condition" to decide when it triggers
Ok

> - condition does a dnsdb lookup, for mx
> and matches the required IP address

Ok....i'm here.
But dnsdb lookup returns a list of MXs , not a list (or just one from
the list) of IP addresses.
How can I force a dnsdb lookup to return resolved hosts to ips ?

> - you get to pick what "matches" means. Will there always be only one?
> Do you need to check for one specific in a possible list returned for
> the MX lookup? Do you have a list of possibles?

I don't have a list of MXs, I have a list of IPs and I have to check
if the returned MXs are pointing to the list of IPs

Re: Routing based on *recipient* IP address
On 26/10/2023 11:30, Gandalf Corvotempesta via Exim-users wrote:
> On Thu 26 Oct 2023 at 11:48, Jeremy Harris via Exim-users
>> - condition does a dnsdb lookup, for mx
>> and matches the required IP address
>
> Ok....i'm here.
> But dnsdb lookup returns a list of MXs , not a list (or just one from
> the list) of IP addresses.
> How can I force a dnsdb lookup to return resolved hosts to ips ?

If MX-sorting not needed:
${lookup dnsdb{a+=${lookup dnsdb{>: mxh=example.com}}}}


> I don't have a list of MXs, I have a list of IPs and I have to check
> if the returned MXs are pointing to the list of IPs

look into a "forany" expansion condition to walk the list resulting
from dns, using a match_ip expansion condition to compare each
item against your "list of IPs"

--
Cheers,
Jeremy


Re: Routing based on *recipient* IP address
On Thu 26 Oct 2023 at 13:11, Jeremy Harris via Exim-users
<exim-users@lists.exim.org> wrote:
> If MX-sorting not needed:
> ${lookup dnsdb{a+=${lookup dnsdb{>: mxh=example.com}}}}

Actually, i'm here, with a custom router.

relay_to_aws:
  debug_print = "R: relay_to_aws for $local_part@$domain . Remote IP: ${lookup dnsdb{a+=${lookup dnsdb{>: mxh=$domain}}}}"
  driver = manualroute
  domains = ! +local_domains
  condition = ${lookup {${lookup dnsdb{a+=${lookup dnsdb{>: mxh=$domain}}}}}iplsearch{/etc/exim4/route_to_aws}{yes}{no}}
  route_data = ${lookup {${lookup dnsdb{a+=${lookup dnsdb{>: mxh=$domain}}}}}iplsearch{/etc/exim4/route_to_aws}}
  transport = remote_smtp
  same_domain_copy_routing = yes
  no_more

With single-mx domains, it works. But it crashes trying to resolve the
condition for any domains with multiple MXs
As you suggested, i think i have to use forany condition somewhere.

But how can I use a single lookup (and not 2 like in the code above),
merging route_data and condition ? From the condition can I set a
variable to use with route_data ?
I didn't find anything in this regard.

Re: Routing based on *recipient* IP address
On 26/10/2023 14:28, Gandalf Corvotempesta via Exim-users wrote:
> But how can I use a single lookup (and not 2 like in the code above),
> merging route_data and condition ? From the condition can I set a
> variable to use with route_data ?
> I didn't find anything in this regard.

Look at the "set" generic router option.

Mind, textually identical lookups get their results cached within
the exim process anyway, by default.
--
Cheers,
Jeremy


Re: Routing based on *recipient* IP address
ok so i can still call the same lookup multiple times.

i've fixed almost everything except that with IPv6 the lookup doesn't work
and returns nothing. (i'm using ";" as delimiter)

On Thu 26 Oct 2023, 16:02 Jeremy Harris via Exim-users <
exim-users@lists.exim.org> wrote:

> On 26/10/2023 14:28, Gandalf Corvotempesta via Exim-users wrote:
> > But how can I use a single lookup (and not 2 like in the code above),
> > merging route_data and condition ? From the condition can I set a
> > variable to use with route_data ?
> > I didn't find anything in this regard.
>
> Look at the "set" generic router option.
>
> Mind, textually identical lookups get their results cached within
> the exim process anyway, by default.
> --
> Cheers,
> Jeremy
>
>

Re: Routing based on *recipient* IP address
On 26/10/2023 17:13, Gandalf Corvotempesta via Exim-users wrote:
> i've fixed almost everything except that with IPv6 the lookup doesn't work
> and returns nothing. (i'm using ";" as delimiter)

Run it separately using "-be" expansion-test mode
--
Cheers,
Jeremy


Re: Routing based on *recipient* IP address
• Gandalf Corvotempesta via Exim-users [2023-10-26 11:08]:
> Hi guys
>
> TL;DR: how can i route, to a specific smarthost, all email based on
> the *recipient* mx IP address ?

Maybe you could solve the task at a lower level, e.g. use operating
system's networking facilities e.g. to redirect connections to port 25
on those specific IP addresses to the smarthost, or better have some VPN
between GCP and AWS and route packets via the AWS instance (which would
have to make sure to use NAT on packets coming from GCP).

Could that work?

> Long version:
>
> I have a mail server hosted on Google Cloud that can't reach some
> "restricted" countries, like Cuba, Iran, Syria and so on.
>
> A customer of us, has a department located in Iran and is unable to
> communicate to them, so i've started an AWS instance (that is able to
> reach the remote iran server) and i would like to route, from my GCE
> instance all email that should be routed to an iran IP address (i have
> a list, downloaded from ipdeny.com), to my AWS instance.
>
> I can check for the remote MX in the transport, but:
> 1. i'm getting a list of multiple hosts
> 2. i need to convert one (or more) of them to IP addresses
> 3. i need to check if at least one of these IP is inside a file
> (automatically updated from ipdeny.com)
>
> I don't know how to start.
> Any help, or any better solution ? Checking the recipient TLD would be
> much easier but not all recipients ends in ".in"
>
> Currently, as workaround, i've set the AWS as fallback_host, because
> when an email is routed to Iran, goes in timeout and then routed to
> the fallback_host, but this is no good because is routing through AWS
> all emails that are triggering a timeout but I need to route *only*
> emails to some ip addresses
>

Re: Routing based on *recipient* IP address
On 2023-10-26, Gandalf Corvotempesta via Exim-users <exim-users@lists.exim.org> wrote:
> Hi guys
>
> TL;DR: how can i route, to a specific smarthost, all email based on
> the *recipient* mx IP address ?

Yes, in your config use the dnslookup router for that smarthost use ignore_target_hosts with an
inverted host list ( that is put a ! in front of it )

hostlist iran_ips = .....

iram_mx:
driver=dnslookup
ignore_target_hosts = ! +iran_ips
route_data=address_of_your_smarthost
transport = iran_smarthost


> I can check for the remote MX in the transport, but:
> 1. i'm getting a list of multiple hosts
> 2. i need to convert one (or more) of them to IP addresses
> 3. i need to check if at least one of these IP is inside a file
> (automatically updated from ipdeny.com)

looking in a file is also possible

hostlist iran_ips = /path/to/file

--
Jasen.

Re: Routing based on *recipient* IP address
On Thu 26 Oct 2023, 21:22 Kirill Miazine via Exim-users <
exim-users@lists.exim.org> wrote:

> Maybe you could solve the task at a lower level, e.g. use operating
> system's networking facilities e.g. to redirect connections to port 25
> on those specific IP addresses to the smarthost, or better have some VPN
> between GCP and AWS and route packets via the AWS instance (which would
> have to make sure to use NAT on packets coming from GCP).
>
> Could that work?
>

i can, and would be much easier, but this would "break" logging and
debugging i think
exim will log an email sent to IP 1.2.3.4 (the real one) but thanks to
iptables, the email is sent to a different host.

It works, but in 2 days we'll forget this thing and we'll start to
troubleshoot why an email sent to and accepted by 1.2.3.4 is not delivered,
forgetting that the email could be stuck in our external "proxy"

even an exim -bt ffff@gggg.in will not produce a useful output

Better to handle the routing inside exim, but I'm going crazy with the
conditions....

i've already set a condition with ${if forany.....} to trigger if any of
the ip in the list are inside a file, but with ipv6 it doesn't work at
all, the list seems to be always empty

Re: Routing based on *recipient* IP address
On Thu 26 Oct 2023 at 18:43, Jeremy Harris via Exim-users
<exim-users@lists.exim.org> wrote:
> Run it separately using "-be" expansion-test mode

As you can see here, with some hosts the MXs are returned properly
(even with IPv6, i've checked),
but with some others, don't. (it also fails on some of my domains). Any clue ?

It's the "a+" lookup that fails, the mxh is working properly.

# exim -be '${lookup dnsdb{>; a+=${lookup dnsdb{>; mxh=gmail.com}}}}'

# exim -be '${lookup dnsdb{>; a+=${lookup dnsdb{>; mxh=ansa.it}}}}'

# exim -be '${lookup dnsdb{>; a+=${lookup dnsdb{>; mxh=microsoft.com}}}}'
104.47.53.36;104.47.54.36
# exim -be '${lookup dnsdb{>; a+=${lookup dnsdb{>; mxh=tex.cu}}}}'
190.92.116.36

Re: Routing based on *recipient* IP address
• Gandalf Corvotempesta via Exim-users [2023-10-27 08:40]:
> On Thu 26 Oct 2023, 21:22 Kirill Miazine via Exim-users <
> exim-users@lists.exim.org> wrote:
>
>> Maybe you could solve the task at a lower level, e.g. use operating
>> system's networking facilities e.g. to redirect connections to port 25
>> on those specific IP addresses to the smarthost, or better have some VPN
>> between GCP and AWS and route packets via the AWS instance (which would
>> have to make sure to use NAT on packets coming from GCP).
>>
>> Could that work?
>>
>
> i can, and would be much easier, but this would "break" logging and
> debugging i think
> exim will log an email sent to IP 1.2.3.4 (the real one) but thanks to
> iptables, the email is sent to a different host.
>
> It works, but in 2 days we'll forget this thing and we'll start to
> troubleshoot why an email sent to and accepted by 1.2.3.4 is not delivered,
> forgetting that the email could be stuck in our external "proxy"
>
> even an exim -bt ffff@gggg.in will not produce a useful output
>
> Better to handle the routing inside exim, but I'm going crazy with the
> conditions....
>
> i've already set a condition with ${if forany.....} to trigger if any of
> the ip in the list are inside a file, but with ipv6 it doesn't work at
> all, the list seems to be always empty

Have you considered using the dnslists ACL condition and set an
appropriate ACL message variable to check in a router? There's an
example at the end of section 30 for how to query dnslists for multiple
explicit keys at the same time:

https://www.exim.org/exim-html-current/doc/html/spec_html/ch-access_control_lists.html#SECTmulkeyfor

The countries.nerd.dk zone contains two-letter ISO 3166 country-code
subdomains you can use to determine whether an IP is from that
particular country.

Re: Routing based on *recipient* IP address
• Kirill Miazine via Exim-users [2023-10-27 09:26]:
> The countries.nerd.dk zone contains two-letter ISO 3166 country-code
> subdomains you can use to determine whether an IP is from that
> particular country.

ah, the list doesn't seem to be active anymore... :(

Re: Routing based on *recipient* IP address
On Fri 27 Oct 2023 at 09:30, Kirill Miazine via Exim-users
<exim-users@lists.exim.org> wrote:
> Have you considered using the dnslists ACL condition and set an
> appropriate ACL message variable to check in a router? There's an
> example at the end of section 30 for how to query dnslists for multiple
> explicit keys at the same time:
>
> https://www.exim.org/exim-html-current/doc/html/spec_html/ch-access_control_lists.html#SECTmulkeyfor

I can't use dnslist ACL because I don't have the *remote* ip address
to use as key to search for
I have to use a dnsdb lookup first and, as i have to call the lookup
anyway, i think it's easier to call
it directly inside the router with a condition, just to keep
everything in a single place, or not ?
Also, to use a custom dnslist i have to start a rbldnsd (or similar) server

> The countries.nerd.dk zone contains two-letter ISO 3166 country-code
> subdomains you can use to determine whether an IP is from that
> particular country.

It doesn't work. NXDOMAIN

Re: Routing based on *recipient* IP address
On Fri 27 Oct 2023 at 09:17, Gandalf Corvotempesta
<gandalf.corvotempesta@gmail.com> wrote:
> As you can see here, with some hosts the MXs are returned properly
> (even with IPv6, i've checked),
> but with some others, don't. (it also fails on some of my domains). Any clue ?
>
> It's the "a+" lookup that fails, the mxh is working properly.
>
> # exim -be '${lookup dnsdb{>; a+=${lookup dnsdb{>; mxh=gmail.com}}}}'
>
> # exim -be '${lookup dnsdb{>; a+=${lookup dnsdb{>; mxh=ansa.it}}}}'
>
> # exim -be '${lookup dnsdb{>; a+=${lookup dnsdb{>; mxh=microsoft.com}}}}'
> 104.47.53.36;104.47.54.36
> # exim -be '${lookup dnsdb{>; a+=${lookup dnsdb{>; mxh=tex.cu}}}}'
> 190.92.116.36

Found the issue: when the remote domain has multiple MXs, the dnsdb
lookup for "A/AAAA" records fails.
I need to use a forany on the mx list, but if I understood correctly,
the forany can be used only inside an IF

Re: Routing based on *recipient* IP address
• Gandalf Corvotempesta [2023-10-27 09:44]:
> On Fri 27 Oct 2023 at 09:30, Kirill Miazine via Exim-users
> <exim-users@lists.exim.org> wrote:
>> Have you considered using the dnslists ACL condition and set an
>> appropriate ACL message variable to check in a router? There's an
>> example at the end of section 30 for how to query dnslists for multiple
>> explicit keys at the same time:
>>
>> https://www.exim.org/exim-html-current/doc/html/spec_html/ch-access_control_lists.html#SECTmulkeyfor
>
> I can't use dnslist ACL because I don't have the *remote* ip address
> to use as key to search for
> I have to use a dnsdb lookup first and, as i have to call the lookup
> anyway, i think it's easier to call
> it directly inside the router with a condition, just to keep
> everything in a single place, or not ?

You'd have to do MX lookup, yes (as the example in the docs shows), but
then dnslists would do the matching for you. I'd say it's easier to use
an existing matching facility, rather than re-implementing it (and risk
some edge cases). OTOH, the ACL would set the variable on a per-message
basis, and routing condition will be on a per-recipient basis, so router
with condition is likely best if you want to do this in Exim.

> Also, to use a custom dnslist i have to start a rbldnsd (or similar) server

countries.nerd.dk used to be such a list... The benefit of such dns
lists is that they could be used from multiple hosts, without a need to
have a local copy of files around.

>> The countries.nerd.dk zone contains two-letter ISO 3166 country-code
>> subdomains you can use to determine whether an IP is from that
>> particular country.
>
> It doesn't work. NXDOMAIN

Yeah, it seems to be gone.

Re: Routing based on *recipient* IP address
> From: Gandalf Corvotempesta

> # exim -be '${lookup dnsdb{>; a+=${lookup dnsdb{>; mxh=gmail.com}}}}'

Must be : instead of ; before mxh.

Re: Routing based on *recipient* IP address
On Fri 27 Oct 2023 at 10:07, Kirill Miazine via Exim-users
<exim-users@lists.exim.org> wrote:
> You'd have to do MX lookup, yes (as the example in the docs shows), but
> then dnslists would do the matching for you. I'd say it's easier to use
> an existing matching facility, rather than re-implementing it (and risk
> some edge cases). OTOH, the ACL would set the variable on a per-message
> basis, and routing condition will be on a per-recipient basis, so router
> with condition is likely best if you want to do this in Exim.

Can you post an example, because Exim configuration and I, aren't good
friends :-)

Re: Routing based on *recipient* IP address
On Fri 27 Oct 2023 at 10:10, Jasen Betts via Exim-users
<exim-users@lists.exim.org> wrote:
> Yes, in your config use the dnslookup router for that smarthost use ignore_target_hosts with an
> inverted host list ( that is put a ! in front of it )
>
> hostlist iran_ips = .....
>
> iram_mx:
> driver=dnslookup
> ignore_target_hosts = ! +iran_ips
> route_data=address_of_your_smarthost
> transport = iran_smarthost

This is very interesting and much simpler than mine, but route_data
can't be used in a dnslookup router, only in manualrouter
And the manualrouter doesn't do a dnslookup

Re: Routing based on *recipient* IP address
On Fri 27 Oct 2023 at 10:10, Jasen Betts via Exim-users
<exim-users@lists.exim.org> wrote:
> Yes, in your config use the dnslookup router for that smarthost use ignore_target_hosts with an
> inverted host list ( that is put a ! in front of it )
>
> hostlist iran_ips = .....
>
> iram_mx:
> driver=dnslookup
> ignore_target_hosts = ! +iran_ips
> route_data=address_of_your_smarthost
> transport = iran_smarthost

SOLVED!
this is the solution (seems to work):

Google MX : routed normally

# exim -bt test@gmail.com
R: relay_to_aws for test@gmail.com
R: dnslookup for test@gmail.com
test@gmail.com
router = dnslookup, transport = remote_smtp
host gmail-smtp-in.l.google.com [2a00:1450:400c:c0c::1a] MX=5
host gmail-smtp-in.l.google.com [108.177.15.27] MX=5
host alt1.gmail-smtp-in.l.google.com [2a00:1450:4013:c16::1b] MX=10
host alt1.gmail-smtp-in.l.google.com [142.250.153.27] MX=10
host alt2.gmail-smtp-in.l.google.com [2a00:1450:4025:c03::1a] MX=20
host alt2.gmail-smtp-in.l.google.com [142.251.9.27] MX=20
host alt3.gmail-smtp-in.l.google.com [2a00:1450:4010:c1c::1b] MX=30
host alt3.gmail-smtp-in.l.google.com [142.250.150.27] MX=30
host alt4.gmail-smtp-in.l.google.com [2404:6800:4003:c00::1b] MX=40
host alt4.gmail-smtp-in.l.google.com [74.125.200.26] MX=40

Cuban MX: routed via AWS:

# exim -bt test@tex.cu
R: relay_to_aws2 for test@tex.cu
test@tex.cu
router = relay_to_aws, transport = remote_smtp_aws


relay_to_aws:
debug_print = "R: relay_to_aws for $local_part@$domain"
driver = dnslookup
ignore_target_hosts = ! +gce_blocked_ips
domains = ! +local_domains
transport = remote_smtp_aws


remote_smtp_aws:
debug_print = "T: remote_smtp_aws for $local_part@$domain"
driver = smtp

connect_timeout = 5s
hosts = XXX.XXX.XXX.XXX
hosts_override
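
The decision made by the router in the post above, modelled offline as an added example (not code from the thread or from Exim). It shows why multi-MX and IPv6 destinations are handled once matching is done per address; the domains, addresses (documentation ranges), blocked-list contents and function names are constructed assumptions.

```python
"""Offline model of the routing decision (added example, not Exim code)."""
import ipaddress

# Constructed stand-in for the ipdeny-style file behind +gce_blocked_ips.
BLOCKED_ZONE = """\
# one CIDR per line (documentation ranges, constructed)
203.0.113.0/24
2001:db8:bad::/48
"""

# Constructed DNS data: domain -> [(mx_host, [addresses])], in MX order.
MX_TABLE = {
    "normal.example": [
        ("mx1.normal.example", ["192.0.2.10", "2001:db8:1::10"]),
        ("mx2.normal.example", ["198.51.100.10"]),
    ],
    "single.example": [("mx.single.example", ["203.0.113.10"])],
    "multi.example": [
        ("mx1.multi.example", ["192.0.2.20"]),
        ("mx2.multi.example", ["198.51.100.20"]),
        ("mx3.multi.example", ["2001:db8:bad::25"]),
    ],
}


def load_networks(text):
    """Parse one CIDR per line, skipping blanks and '#' comments."""
    nets = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line:
            nets.append(ipaddress.ip_network(line, strict=False))
    return nets


def is_blocked(ip, networks):
    """True if the IPv4 or IPv6 address falls inside any listed network."""
    addr = ipaddress.ip_address(ip)
    return any(addr.version == n.version and addr in n for n in networks)


def route(domain, mx_table, networks):
    """Return (router_name, hosts_seen_by_that_router) for a domain."""
    all_hosts = [(h, ip) for h, ips in mx_table.get(domain, []) for ip in ips]
    # ignore_target_hosts = ! +gce_blocked_ips discards every address that
    # is NOT on the blocked list, so only blocked addresses survive.
    survivors = [(h, ip) for h, ip in all_hosts if is_blocked(ip, networks)]
    if survivors:
        return ("relay_to_aws", survivors)
    # Everything was discarded: the router declines and the next router
    # (the plain dnslookup in the -bt output above) handles the address.
    return ("dnslookup", all_hosts)


NETWORKS = load_networks(BLOCKED_ZONE)

if __name__ == "__main__":
    for d in MX_TABLE:
        name, hosts = route(d, MX_TABLE, NETWORKS)
        print(d, "->", name, hosts)
```

Because the transport sets hosts together with hosts_override, a domain with even one blocked MX address (multi.example here) is sent entirely through the smarthost, which matches the "at least one of these IP" requirement in the original question.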
