docs:tips_n_tricks:exim.html
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
docs:tips_n_tricks:exim.html [25.07.2011 01:01 CEST] – peter | docs:tips_n_tricks:exim.html [18.11.2019 00:08 CET] (current) – [Enabling fail2ban for exim4 on Debian buster] peter | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== exim ====== | ====== exim ====== | ||
+ | |||
===== Increase timeout for delay warning messages ===== | ===== Increase timeout for delay warning messages ===== | ||
Line 17: | Line 18: | ||
exim4 -Mg < | exim4 -Mg < | ||
- | ===== Virtual | + | ===== Virtual |
Place virtual hosts alias files (like ''/ | Place virtual hosts alias files (like ''/ | ||
Line 35: | Line 36: | ||
Then run | Then run | ||
- | update-exim4.conf.templage | + | update-exim4.conf.template |
/ | / | ||
You must __not__ have a virtual domain name for the " | You must __not__ have a virtual domain name for the " | ||
+ | |||
+ | ===== Use a debian server with exim4 as a incoming(!) smart host for dialup systems ===== | ||
+ | |||
+ | * Put your routing in ''/ | ||
+ | |||
+ | mydomain.com | ||
+ | |||
+ | (provided that // | ||
+ | |||
+ | * Create a new file for your domain specific retry schedule ''/ | ||
+ | |||
+ | # Address or Domain | ||
+ | # ----------------- | ||
+ | | ||
+ | *.mydomain.com | ||
+ | *.mydomain.intern | ||
+ | |||
+ | * Increase the time until the server will send warning messages, as the dialup computer may be offline for several days by creating a new file ''/ | ||
+ | |||
+ | delay_warning = 15d | ||
+ | |||
+ | * Run | ||
+ | |||
+ | update-exim4.conf.template -r | ||
+ | / | ||
+ | | ||
+ | ===== Creating local accounts to authenticate against for as outgoing smart host on debian ===== | ||
+ | |||
+ | ==== exim-adduser ==== | ||
+ | Use ''/ | ||
+ | ==== shadow ==== | ||
+ | There seem to be other solutions using ''/ | ||
+ | ==== mkpasswd ==== | ||
+ | The files format is one user per line: | ||
+ | |||
+ | < | ||
+ | |||
+ | The //hashed password// can be generated by '' | ||
+ | // | ||
+ | |||
+ | References: | ||
+ | * [[https:// | ||
+ | * [[http:// | ||
+ | * ''/ | ||
+ | ===== TLS with exim < 4.80 using GnuTLS on debian ===== | ||
+ | |||
+ | vi / | ||
+ | cp -vip / | ||
+ | chgrp Debian-exim / | ||
+ | chmod o-rwx,g=r / | ||
+ | update-exim4.conf.template -r | ||
+ | / | ||
+ | / | ||
+ | |||
+ | __added lines to '' | ||
+ | |||
+ | MAIN_TLS_ENABLE = 1 | ||
+ | tls_require_ciphers = AES_256 : AES_128 : 3DES | ||
+ | gnutls_require_protocols = TLS1 | ||
+ | | ||
+ | MAIN_TLS_CERTIFICATE = / | ||
+ | MAIN_TLS_PRIVATEKEY = CONFDIR/ | ||
+ | |||
+ | The key is copied from ''/ | ||
+ | |||
+ | Credits: | ||
+ | |||
+ | * www.schneiderp.de had an [[http:// | ||
+ | * Tests done with [[https:// | ||
+ | {{tag> | ||
+ | {{entry> | ||
+ | {{entry> | ||
+ | |||
+ | ===== Enableing smtps/ | ||
+ | * Enable TLS as described above | ||
+ | * <code text / | ||
+ | tls_on_connect_ports = 465 | ||
+ | </ | ||
+ | * run '' | ||
+ | * restart //exim4//: '' | ||
+ | |||
+ | ===== Enabling fail2ban for exim4 on Debian buster ===== | ||
+ | |||
+ | apt install fail2ban | ||
+ | fail2ban-client add exim-spam | ||
+ | fail2ban-client start exim | ||
+ | fail2ban-client start exim-spam | ||
+ | |||
+ | <note tip> | ||
+ | {{tag> | ||
+ | {{entry> | ||
+ | | ||
+ | |||
+ | ====== | ||
+ | {{tag> | ||
+ | {{entry> | ||
+ | {{entry> | ||
+ | {{entry> |
docs/tips_n_tricks/exim.html.1311548493.txt.gz · Last modified: 25.07.2011 01:01 CEST by peter