docs:tips_n_tricks:exim.html
Differences
This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
docs:tips_n_tricks:exim.html [10.04.2010 20:57 CEST] – created peter | docs:tips_n_tricks:exim.html [18.11.2019 00:08 CET] (current) – [Enabling fail2ban for exim4 on Debian buster] peter | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== exim ====== | ====== exim ====== | ||
+ | |||
===== Increase timeout for delay warning messages ===== | ===== Increase timeout for delay warning messages ===== | ||
- | add the line | + | In case exim can not deliver a mail, it informs the sender by sending a warning message. |
+ | To send out those messages only after a mail could not be delivered for 15 days, add the line | ||
delay_warning = 15d | delay_warning = 15d | ||
Line 10: | Line 12: | ||
timeout_frozen_after = ... | timeout_frozen_after = ... | ||
- | which is - at least on debian systems - already there. | + | in exims configuration file. The latter does - at least on debian systems - already |
+ | |||
+ | ===== Expunge undeliverable mails ===== | ||
+ | |||
+ | exim4 -Mg < | ||
+ | |||
+ | ===== Virtual domains with exim4 on Debian ===== | ||
+ | |||
+ | Place virtual hosts alias files (like ''/ | ||
+ | |||
+ | Create the file ''/ | ||
+ | |||
+ | virtual: | ||
+ | driver = redirect | ||
+ | allow_defer | ||
+ | allow_fail | ||
+ | domains = dsearch;/ | ||
+ | data = ${expand: | ||
+ | retry_use_local_part | ||
+ | pipe_transport | ||
+ | file_transport | ||
+ | no_more | ||
+ | |||
+ | Then run | ||
+ | update-exim4.conf.template -r | ||
+ | / | ||
+ | |||
+ | You must __not__ have a virtual domain name for the " | ||
+ | |||
+ | ===== Use a debian server with exim4 as a incoming(!) smart host for dialup systems ===== | ||
+ | |||
+ | * Put your routing in ''/ | ||
+ | |||
+ | mydomain.com | ||
+ | |||
+ | (provided that // | ||
+ | |||
+ | * Create a new file for your domain specific retry schedule ''/ | ||
+ | |||
+ | # Address or Domain | ||
+ | # ----------------- | ||
+ | |||
+ | *.mydomain.com | ||
+ | *.mydomain.intern | ||
+ | |||
+ | * Increase the time until the server will send warning messages, as the dialup computer may be offline for several days by creating a new file ''/ | ||
+ | |||
+ | delay_warning = 15d | ||
+ | |||
+ | * Run | ||
+ | |||
+ | update-exim4.conf.template -r | ||
+ | / | ||
+ | |||
+ | ===== Creating local accounts to authenticate against for as outgoing smart host on debian ===== | ||
+ | |||
+ | ==== exim-adduser ==== | ||
+ | Use ''/ | ||
+ | ==== shadow ==== | ||
+ | There seem to be other solutions using ''/ | ||
+ | ==== mkpasswd ==== | ||
+ | The files format is one user per line: | ||
+ | |||
+ | < | ||
+ | |||
+ | The //hashed password// can be generated by '' | ||
+ | // | ||
+ | |||
+ | References: | ||
+ | * [[https:// | ||
+ | * [[http:// | ||
+ | * ''/ | ||
+ | ===== TLS with exim < 4.80 using GnuTLS on debian ===== | ||
+ | |||
+ | vi / | ||
+ | cp -vip / | ||
+ | chgrp Debian-exim / | ||
+ | chmod o-rwx,g=r / | ||
+ | update-exim4.conf.template -r | ||
+ | / | ||
+ | / | ||
+ | |||
+ | __added lines to '' | ||
+ | |||
+ | MAIN_TLS_ENABLE = 1 | ||
+ | tls_require_ciphers = AES_256 : AES_128 : 3DES | ||
+ | gnutls_require_protocols = TLS1 | ||
+ | |||
+ | MAIN_TLS_CERTIFICATE = / | ||
+ | MAIN_TLS_PRIVATEKEY = CONFDIR/ | ||
+ | |||
+ | The key is copied from ''/ | ||
+ | |||
+ | Credits: | ||
+ | |||
+ | * www.schneiderp.de had an [[http:// | ||
+ | * Tests done with [[https:// | ||
+ | {{tag> | ||
+ | {{entry> | ||
+ | {{entry> | ||
+ | |||
+ | ===== Enableing smtps/ | ||
+ | * Enable TLS as described above | ||
+ | * <code text / | ||
+ | tls_on_connect_ports = 465 | ||
+ | </ | ||
+ | * run '' | ||
+ | * restart //exim4//: '' | ||
+ | |||
+ | ===== Enabling fail2ban for exim4 on Debian buster ===== | ||
+ | |||
+ | apt install fail2ban | ||
+ | fail2ban-client add exim-spam | ||
+ | fail2ban-client start exim | ||
+ | fail2ban-client start exim-spam | ||
+ | |||
+ | <note tip> | ||
+ | {{tag> | ||
+ | {{entry> | ||
+ | |||
+ | |||
+ | ====== | ||
+ | {{tag> | ||
+ | {{entry> | ||
+ | {{entry> | ||
+ | {{entry> |
docs/tips_n_tricks/exim.html.1270925865.txt.gz · Last modified: 10.04.2010 20:57 CEST by peter