Без правильных правил в pf все равно будет уходить в defaultroute, поэтому pbr нужен в любом случае. Либо держать две таблицы маршрутизации и стартовать exim через setfib.
12.03.2014 13:54, dawnshade пишет: > > +---------+---------+------------------+--------------+ > |interface|Use: smtp|Type: string list*|Default: unset| > +---------+---------+------------------+--------------+ > > This option specifies which interface to bind to when making an > outgoing SMTP > call. The value is an IP address, not an interface name such as > "eth0". Do not > confuse this with the interface address that was used when a message was > received, which is in $received_ip_address, formerly known as > $interface_address. The name was changed to minimize confusion with the > outgoing interface address. There is no variable that contains an outgoing > interface address because, unless it is set by this option, its value is > unknown. > > During the expansion of the interface option the variables $host and > $host_address refer to the host to which a connection is about to be made > during the expansion of the string. Forced expansion failure, or an empty > string result causes the option to be ignored. Otherwise, after > expansion, the > string must be a list of IP addresses, colon-separated by default, but the > separator can be changed in the usual way. For example: > > interface = <; 192.168.123.123 ; 3ffe:ffff:836f::fe86:a061 > > The first interface of the correct type (IPv4 or IPv6) is used for the > outgoing > connection. If none of them are the correct type, the option is > ignored. If > interface is not set, or is ignored, the system's IP functions choose > which > interface to use if the host has more than one. > > > > > Среда, 12 марта 2014, 13:44 +02:00 от Alexandr Usov > <[email protected]>: > > Приветствую! > > На моем сервере FreeBSD - 2 внешних IP (два ISP). > Там же работает Exim. > > Основной IP попал в блеклисты (подобрали или своровали пароль > одного из юзеров и слали три дня выходных спам через наш сервер). > > Есть ли способ, не меняя гейт по-умолчанию, задать Exim-у выходить > через второй внешний интерфейс? > > Правилами pf (используемый на сервере в качестве firewall) пока не > получается. > > pass in quick route-to { $isp1 $isp1_gw } inet proto tcp from > 192.168.10.15 to any port { 25, 465, 578 } keep state > > _______________________________________________ > Exim-users mailing list > [email protected] </compose?To=exim%[email protected]> > http://mailground.net/mailman/listinfo/exim-users > > > > -- > - - > > > _______________________________________________ > Exim-users mailing list > [email protected] > http://mailground.net/mailman/listinfo/exim-users >
_______________________________________________ Exim-users mailing list [email protected] http://mailground.net/mailman/listinfo/exim-users
