Introduction

Exim4 is a Message Transfer Agent (MTA) developed at the University of Cambridge for use on Unix systems connected to the internet. Exim4 can be installed in place of sendmail or Postfix, although the configuration of Exim4 is quite different to that of sendmail.

Installation

Install the exim4 package from the Main repository using your favorite package manager (see InstallingSoftware).

Configuration

To configure Exim4, run the following command:

sudo dpkg-reconfigure exim4-config

The user interface will be displayed. The user interface lets you configure many parameters. For example, In Exim4 the configuration files are split among multiple files. If you wish to have them in one file you can configure accordingly in this user interface.

All the parameters you configure in the user interface are stored in /etc/exim4/update-exim4.conf.conf file. If you wish to re-configure the program, either re-run the configuration wizard or manually edit this file using your favourite editor. Run the following command to generate the master configuration file:

sudo update-exim4.conf

The master configuration file will be generated and stored in /var/lib/exim4/config.autogenerated.


IconsPage/warning.png Note: Never directly edit the master configuration file, /var/lib/exim4/config.autogenerated. It is updated automatically every time you run update-exim4.conf


The following command will start the exim4 daemon:

sudo /etc/init.d/exim4 start

TODO: This section should cover configuring SMTP AUTH with exim4.

SMTP Authentication

In this section we'll configure Exim4 to use SMTP AUTH using TLS and SASL. The instructions below assume a split Exim4 configuration is used.

The first step is to create a certificate for use with TLS. Enter the following into a terminal prompt:

sudo /usr/share/doc/exim4-base/examples/exim-gencert

Now Exim4 needs to be configured for TLS by editing /etc/exim4/conf.d/main/03_exim4-config_tlsoptions
Add the following:

MAIN_TLS_ENABLE = yes

Next you need to configure Exim4 to use the saslauthd for authentication. Edit /etc/exim4/conf.d/auth/30_exim4-config_examples and uncomment the plain_saslauthd_server and login_saslauthd_server sections:

 plain_saslauthd_server:
   driver = plaintext
   public_name = PLAIN
   server_condition = ${if saslauthd{{$auth2}{$auth3}}{1}{0}}
   server_set_id = $auth2
   server_prompts = :
   .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
   server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
   .endif
#
 login_saslauthd_server:
   driver = plaintext
   public_name = LOGIN
   server_prompts = "Username:: : Password::"
   # don't send system passwords over unencrypted connections
   server_condition = ${if saslauthd{{$auth1}{$auth2}}{1}{0}}
   server_set_id = $auth1
   .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
   server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
   .endif

Finally, update the Exim4 configuration and restart the service:

sudo update-exim4.conf
sudo /etc/init.d/exim4 restart

Configuring SASL

This section provides details on configuring the saslauthd to provide authentication for Exim4.

The first step is to install the sasl2-bin package from the Main repository (see InstallingSoftware).

To configure saslauthd edit the /etc/default/saslauthd configuration file and set START=no to:

START=yes

Next the Debian-exim user needs to be part of the sasl group in order for Exim4 to use the saslauthd service:

sudo adduser Debian-exim sasl

Now start the saslauthd service:

sudo /etc/init.d/saslauthd start

Exim4 is now configured with SMTP AUTH using TLS and SASL authentication.


Note: this guide has been tested on Ubuntu 7.10 (Gutsy Gibbon)


CategoryInternet CategoryEmail

Exim4 (last edited 2012-01-05 01:07:42 by japoth)