The Courier mail server's default configuration listens on port 25 on all IP addresses. If the server has more than one IP address, Courier accepts connections on any IP address. Adjust the settings in the esmtpd configuration file to explicitly enumerate IP addresses that Courier listens on. This also applies to the ESMTP over SSL server on port 465 configured by esmtpd-ssl, and the MSA server on port 587, configured by esmtpd-msa.
When the Courier mail server sends a message using ESMTP, the default configuration leaves the IP addresses used by Courier unspecified, and the server selects a default IP address based on a server's network configuration. The selection criteria is platform specific, and is typically based on the system's IP routing tables. The ipout and ip6out configuration files set an explicit IP address Courier uses to make outgoing network connections for ESMTP mail:
echo "192.168.0.1" > /etc/courier/ipout
echo "fec0::230:48ff:fec4:429c" > /etc/courier/ip6out
This example specifies 192.168.0.1 as the IP address to make connections from for IPv4 destinations, and fec0::230:48ff:fec4:429c for IPv6 destinations.
If the Courier mail server accepts an ESMTP connection and a message from an authenticated client with relaying privileges, in a smarthost role, and forwards the message via ESMTP, Courier uses this explicit IP address setting no matter which IP address the authenticated client connected to. If the Courier mail server runs on a host with two IP addresses, 192.168.0.1, 192.168.1.1, the above example uses 192.168.0.1 to send the relayed message to IPv4 destinations even if Courier received the message from a client that connected to the other addresses. It's possible to select a different IP address for outgoing connections depending on the IP address of the connection the message was originally received from:
echo "192.168.0.1" > /etc/courier/ipout.192.168.0.1
echo "192.168.1.1" > /etc/courier/ipout.192.168.1.1
This example specifies 192.168.0.1 as the IP address to make connections from for IPv4 destinations, and fec0::230:48ff:fec4:429c for IPv6 destinations.
If the Courier mail server accepts an ESMTP connection and a message from an authenticated client with relaying privileges, in a smarthost role, and forwards the message via ESMTP, Courier uses this explicit IP address setting no matter which IP address the authenticated client connected to. If the Courier mail server runs on a host with two IP addresses, 192.168.0.1, 192.168.1.1, the above example uses 192.168.0.1 to send the relayed message to IPv4 destinations even if Courier received the message from a client that connected to the other addresses.
It's possible to select a different IP address for outgoing connections depending on the IP address of the connection the message was originally received from:
echo "192.168.0.1" > /etc/courier/ipout.192.168.0.1
echo "192.168.1.1" > /etc/courier/ipout.192.168.1.1
ipout.address sets the IP address for outgoing connections for messages received from a client connection to "address". The above example specifies that, on a server with these two IP addresses, messages received from a client that's connected to either IP address get forwarded (from a client that normally authenticates and receives relaying privileges) using a connection from the same IP address.
For convenience, an empty ipout.address gets interpreted as if it contains the same address. The above example is equivalent to:
touch /etc/courier/ipout.192.168.0.1
touch /etc/courier/ipout.192.168.1.1
The formal configuration rules are as follows, for a message received from IP address address, which may be an IPv4 or an IPv6 address:
-
The IPv4 address and the IPv6 address for outgoing ESMTP connections get specified by the contents of
/etc/courier/ipout.addressand/etc/courier/ip6out.address, respectively. -
If the file exists, but is empty, the same address becomes the IP address for the outgoing connection.
-
If the file does not exist, the contents of
/etc/courier/ipout, for IPv4 connections, and/etc/courier/ip6out, for IPv6 connections set the IP address. -
Otherwise, the Courier mail server uses the default IP address determined by the system's network configuration.
-
In
/etc/courier/ipout.addressand/etc/courier/ip6out.address, an address of 0 also specifies the system's default IP address.
It is possible for the Courier mail server to receive a message
from an IPv6 connection, and forward it to an IPv4 address, or
vice versa. The address portion of /etc/courier/ipout.address and
/etc/courier/ip6out.address, specifies the IP address the client
used to connect to Courier and may be either an IPv4 or an IPv6
address, in both cases! For example:
echo "192.168.0.1" > /etc/courier/ipout.192.168.0.1
echo "fec0::230:48ff:fec4:429c" > /etc/courier/ip6out.192.168.0.1
This means that when a client connects to the Courier mail server using the IP address 192.168.0.1 and relays a message, if the message gets forwarded to an IPv4 address, Courier uses the same IP address, and if it gets forwarded to an IPv6 address Courier uses this IPv6 address. The above also probably means that:
echo "192.168.0.1" > /etc/courier/ipout.fec0::230:48ff:fec4:429c
echo "fec0::230:48ff:fec4:429c" > /etc/courier/ipout.fec0::230:48ff:fec4:429c
So if an IPv6 client connects to Courier on this IPv6 address and relays a message, Courier uses the same IPv6 address, or 192.168.0.1 depending on the destination.
Notwithstanding the IP address set in an ipout or an ip6out file, the server's network configuration must be able to actually establish a network connection to the destination address from the explicitly specified IP address. Specifying an explicit IP address for outgoing connections implies that the IP addresses are fully and globally routable.
Additionally, for all other configuration files described in this manual page, the Courier mail server uses filename.address if it exists, in place of filename when processing messages received from address, either an IPv4 or an IPv6 address.
This is used in all contexts where it makes sense to do so:
echo "relay.example.com" > /etc/courier/me.192.168.0.1
echo "firewall.example.com" > /etc/courier/me.192.168.1.1
This example specifies relay.example.com as the contents of the me configuration file, described earlier in this manual page, when processing messages received by clients that connect to 192.168.0.1, and firewall.example.com for processing messages received by clients that connect to 192.168.1.1.
me is the default hostnamefor most common Courier mail server configuration settings, such as the server's name in the ESMTP greeting banner, what Courier calls itself in the ESMTP EHLO/HELO commands, and other contexts, unless overridden by a more specific setting.
The IP address-specific configuration settings get used only in the context of processing messages, and have no impact on other parts of the Courier mail server that do not have a direct relationship to a specific message. One such example would be when Courier authenticates a client's username or password. This is not directly related to any message the client may or may not send after it authenticates, so this happens in exactly the same way no matter which IP address the client connected to.
)