Introduction
Exim4 is a Message Transfer Agent (MTA) developed at the University of Cambridge for use on Unix systems connected to the internet. Exim4 can be installed in place of sendmail or Postfix, although the configuration of Exim4 is quite different to that of sendmail.
Installation
Install the exim4 package from the Main repository using your favorite package manager (see InstallingSoftware).
Configuration
To configure Exim4, run the following command:
sudo dpkg-reconfigure exim4-config
The user interface will be displayed. The user interface lets you configure many parameters. For example, In Exim4 the configuration files are split among multiple files. If you wish to have them in one file you can configure accordingly in this user interface.
All the parameters you configure in the user interface are stored in /etc/exim4/update-exim4.conf.conf file. If you wish to re-configure the program, either re-run the configuration wizard or manually edit this file using your favourite editor. Run the following command to generate the master configuration file:
sudo update-exim4.conf
The master configuration file will be generated and stored in /var/lib/exim4/config.autogenerated.
Note: Never directly edit the master configuration file, /var/lib/exim4/config.autogenerated. It is updated automatically every time you run update-exim4.conf
The following command will start the exim4 daemon:
sudo /etc/init.d/exim4 start
TODO: This section should cover configuring SMTP AUTH with exim4.
SMTP Authentication
In this section we'll configure Exim4 to use SMTP AUTH using TLS and SASL. The instructions below assume a split Exim4 configuration is used.
The first step is to create a certificate for use with TLS. Enter the following into a terminal prompt:
sudo /usr/share/doc/exim4-base/examples/exim-gencert
Now Exim4 needs to be configured for TLS by editing /etc/exim4/conf.d/main/03_exim4-config_tlsoptions
Add the following:
MAIN_TLS_ENABLE = yes
Next you need to configure Exim4 to use the saslauthd for authentication. Edit /etc/exim4/conf.d/auth/30_exim4-config_examples and uncomment the plain_saslauthd_server and login_saslauthd_server sections:
plain_saslauthd_server: driver = plaintext public_name = PLAIN server_condition = ${if saslauthd{{$auth2}{$auth3}}{1}{0}} server_set_id = $auth2 server_prompts = : .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}} .endif # login_saslauthd_server: driver = plaintext public_name = LOGIN server_prompts = "Username:: : Password::" # don't send system passwords over unencrypted connections server_condition = ${if saslauthd{{$auth1}{$auth2}}{1}{0}} server_set_id = $auth1 .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}} .endif
Finally, update the Exim4 configuration and restart the service:
sudo update-exim4.conf sudo /etc/init.d/exim4 restart
Configuring SASL
This section provides details on configuring the saslauthd to provide authentication for Exim4.
The first step is to install the sasl2-bin package from the Main repository (see InstallingSoftware).
To configure saslauthd edit the /etc/default/saslauthd configuration file and set START=no to:
START=yes
Next the Debian-exim user needs to be part of the sasl group in order for Exim4 to use the saslauthd service:
sudo adduser Debian-exim sasl
Now start the saslauthd service:
sudo /etc/init.d/saslauthd start
Exim4 is now configured with SMTP AUTH using TLS and SASL authentication.
Note: this guide has been tested on Ubuntu 7.10 (Gutsy Gibbon)