Exim local mail in Debian

I was trying to configure Exim on a local KVM host to test mail functionality for the other KVM hosts within the local network. After spending some time I found that the dnslookup router's ‘ignore_target_hosts’ option lists local addresses by default.

/etc/exim4/exim4.conf.template

dnslookup:
  debug_print = "R: dnslookup for $local_part@$domain"
  driver = dnslookup
  domains = ! +local_domains
  transport = remote_smtp
  same_domain_copy_routing = yes
  # ignore private rfc1918 and APIPA addresses
  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 :\
                        172.16.0.0/12 : 10.0.0.0/8 : 169.254.0.0/16 :\
                        255.255.255.255
  no_more
.endif

KVM host ‘A’ is running the main Exim4 mail server where the users are registered. Another local host ‘B’ is running an application and generating mail for host ‘A’.

I removed 192.168.0.0/16 from host ‘B’s Exim4 configuration to allow internal mail to host ‘A’.

Exim in Debian

I was trying to configure Exim4 in Debian for occasionally receiving and sending email.

First I set up an account at dyndns.com for my dynamic public IP.

#dpkg-reconfigure exim4-config
General type of mail configuration:  internet site; mail is sent and received directly using SMTP.
System mail name: yourdomain.com
IP-addresses to listen on for incoming SMTP connections: // leave blank
Other destinations for which mail is accepted: yourdomain.com
Domains to relay mail for: // leave blank
Machines to relay mail for: // leave blank
Keep number of DNS-queries minimal (Dial-on-Demand) ?: No
Delivery method for local mail: Maildir format in home directory

Split configuration into small files ? : No

You can add a new account in Evolution mail as “maildir”, with localhost as the sending SMTP server. Done.

If you face problems while sending mail, you might be interested in configuring an SMTP relay:
http://wiki.debian.org/GmailAndExim4

TLS and Authentication

Generate a certificate using:
#bash /usr/share/doc/exim4-base/examples/exim-gencert

It will generate exim.crt and exim.key in /etc/exim4/
You may simply copy your certificates there if you bought them earlier.

#cd /etc/exim4
#vi exim4.conf.template

Add the following line
MAIN_TLS_ENABLE = yes

before
.ifdef MAIN_TLS_ENABLE

To verify TLS, install a diagnostic tool:

# apt-get install swaks libnet-ssleay-perl

Test the connection:

$ swaks -a -tls -q HELO -s localhost -au your_user -ap '<>'
=== Trying localhost:25...
=== Connected to localhost.
<-  220 debianwb ESMTP Exim 4.76 Thu, 04 Aug 2011 14:22:02 +0600
 -> EHLO debianwb
<-  250-debianwb Hello localhost [127.0.0.1]
<-  250-SIZE 52428800
<-  250-PIPELINING
<-  250-STARTTLS
<-  250 HELP
 -> STARTTLS
<-  220 TLS go ahead
=== TLS started w/ cipher DHE-RSA-AES256-SHA
 ~> EHLO debianwb
<~  250-debianwb Hello localhost [127.0.0.1]
<~  250-SIZE 52428800
<~  250-PIPELINING
<~  250 HELP
 ~> QUIT
<~  221 evie closing connection

We sent an empty password while testing with swaks.
Now we will add an authentication scheme.
For shell users we use SASL, which uses PAM for password authentication.

#apt-get install sasl2-bin

To enable:
#vi /etc/default/saslauthd

START=yes

Start the daemon
#/etc/init.d/saslauthd start

#vi /etc/exim4/exim4.conf
Uncomment the following lines to enable authentication via saslauthd:

plain_saslauthd_server:
   driver = plaintext
   public_name = PLAIN
   server_condition = ${if saslauthd{{$auth2}{$auth3}}{1}{0}}
   server_set_id = $auth2
   server_prompts = :
   .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
   server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
   .endif

Add the Exim user to the sasl group

#adduser Debian-exim sasl

Test the connection using your username:
#swaks -a -tls -q AUTH -s localhost -au your_user
Password:

You may need to add

#vi /etc/hosts
127.0.0.1    your_domain
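
The server_advertise_condition above hides AUTH until TLS is active, unless AUTH_SERVER_ALLOW_NOTLS_PASSWORDS is defined. As an added example (not part of the original post), this Python script reads a swaks transcript and reports whether AUTH was advertised in cleartext; the function names, the hostname "mx" and both sample transcripts are constructed for illustration.

```python
import re

# swaks prefixes: "->" and "<-" are cleartext, "~>" and "<~" are inside TLS.
CLIENT_EHLO = re.compile(r"^[-~]>\s+EHLO\b")
SERVER_250 = re.compile(r"^<([-~])\s+250([- ])(\S+)\s*(.*)$")

def ehlo_capabilities(transcript):
    """Split EHLO keywords into those seen in cleartext and those seen in TLS."""
    caps = {"plain": {}, "tls": {}}
    in_reply = greeting = False
    for line in map(str.strip, transcript.splitlines()):
        if CLIENT_EHLO.match(line):
            in_reply = greeting = True   # the next 250 line is the greeting
            continue
        m = SERVER_250.match(line)
        if not (in_reply and m):
            continue
        if not greeting:
            channel = "plain" if m.group(1) == "-" else "tls"
            caps[channel][m.group(3).upper()] = m.group(4).split()
        greeting = False
        if m.group(2) == " ":            # "250 " without a hyphen ends the reply
            in_reply = False
    return caps

def audit(transcript):
    """Return findings about where STARTTLS and AUTH are advertised."""
    caps, findings = ehlo_capabilities(transcript), []
    if "STARTTLS" not in caps["plain"]:
        findings.append("STARTTLS not offered")
    if "AUTH" in caps["plain"]:
        findings.append("AUTH offered before TLS: " + " ".join(caps["plain"]["AUTH"]))
    if caps["tls"] and "AUTH" not in caps["tls"]:
        findings.append("AUTH not offered inside TLS")
    return findings

# Constructed transcript in swaks output format (hostname "mx" is made up).
HARDENED = """ -> EHLO mx
<-  250-mx Hello localhost [127.0.0.1]
<-  250-STARTTLS
<-  250 HELP
 -> STARTTLS
<-  220 TLS go ahead
 ~> EHLO mx
<~  250-mx Hello localhost [127.0.0.1]
<~  250-AUTH PLAIN
<~  250 HELP"""
# Constructed: the same server with AUTH_SERVER_ALLOW_NOTLS_PASSWORDS defined.
LEAKY = HARDENED.replace("<-  250-STARTTLS", "<-  250-AUTH PLAIN\n<-  250-STARTTLS")
```

To check a live server, save the output of the swaks commands above and pass it to `audit()`; an empty list means AUTH only appeared after STARTTLS.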

Enabling IMAP access:

#apt-get install courier-imap courier-imap-ssl

Create directories for web-based administration -> No

You may install “File Access Monitor” daemon to check other folders beside Inbox:

# apt-get install fam

Check this link for detailed information.

Optionally, you can check the X.509 certificate settings:

# vi /etc/courier/imapd.cnf

If you do not want to use the default certificate, edit imapd.cnf and then generate a new one using:

# mkimapdcert

If you are behind a router, forward ports 25, 143, 706, 993 to your server.

source:
http://blog.edseek.com/~jasonb/articles/exim4_courier/index.html
http://pkg-exim4.alioth.debian.org/README/README.Debian.html
http://library.linode.com/email/exim/send-only-mta-debian-6-squeeze
http://koivi.com/exim4-config/