docs:tips_n_tricks:exim.html
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
docs:tips_n_tricks:exim.html [25.07.2011 01:14 CEST] – peter | docs:tips_n_tricks:exim.html [18.11.2019 00:08 CET] (current) – [Enabling fail2ban for exim4 on Debian buster] peter | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== exim ====== | ====== exim ====== | ||
+ | |||
===== Increase timeout for delay warning messages ===== | ===== Increase timeout for delay warning messages ===== | ||
Line 35: | Line 36: | ||
Then run | Then run | ||
- | update-exim4.conf.templage | + | update-exim4.conf.template |
/ | / | ||
You must __not__ have a virtual domain name for the " | You must __not__ have a virtual domain name for the " | ||
- | ===== Use a debian server with exim4 as a smart host for dialup systems ===== | + | ===== Use a debian server with exim4 as a incoming(!) |
* Put your routing in ''/ | * Put your routing in ''/ | ||
Line 64: | Line 65: | ||
update-exim4.conf.template -r | update-exim4.conf.template -r | ||
/ | / | ||
+ | | ||
+ | ===== Creating local accounts to authenticate against for as outgoing smart host on debian ===== | ||
+ | |||
+ | ==== exim-adduser ==== | ||
+ | Use ''/ | ||
+ | ==== shadow ==== | ||
+ | There seem to be other solutions using ''/ | ||
+ | ==== mkpasswd ==== | ||
+ | The files format is one user per line: | ||
+ | |||
+ | < | ||
+ | |||
+ | The //hashed password// can be generated by '' | ||
+ | // | ||
+ | |||
+ | References: | ||
+ | * [[https:// | ||
+ | * [[http:// | ||
+ | * ''/ | ||
+ | ===== TLS with exim < 4.80 using GnuTLS on debian ===== | ||
+ | |||
+ | vi / | ||
+ | cp -vip / | ||
+ | chgrp Debian-exim / | ||
+ | chmod o-rwx,g=r / | ||
+ | update-exim4.conf.template -r | ||
+ | / | ||
+ | / | ||
+ | |||
+ | __added lines to '' | ||
+ | |||
+ | MAIN_TLS_ENABLE = 1 | ||
+ | tls_require_ciphers = AES_256 : AES_128 : 3DES | ||
+ | gnutls_require_protocols = TLS1 | ||
+ | | ||
+ | MAIN_TLS_CERTIFICATE = / | ||
+ | MAIN_TLS_PRIVATEKEY = CONFDIR/ | ||
+ | |||
+ | The key is copied from ''/ | ||
+ | |||
+ | Credits: | ||
+ | |||
+ | * www.schneiderp.de had an [[http:// | ||
+ | * Tests done with [[https:// | ||
+ | {{tag> | ||
+ | {{entry> | ||
+ | {{entry> | ||
+ | |||
+ | ===== Enableing smtps/ | ||
+ | * Enable TLS as described above | ||
+ | * <code text / | ||
+ | tls_on_connect_ports = 465 | ||
+ | </ | ||
+ | * run '' | ||
+ | * restart //exim4//: '' | ||
+ | |||
+ | ===== Enabling fail2ban for exim4 on Debian buster ===== | ||
+ | |||
+ | apt install fail2ban | ||
+ | fail2ban-client add exim-spam | ||
+ | fail2ban-client start exim | ||
+ | fail2ban-client start exim-spam | ||
+ | |||
+ | <note tip> | ||
+ | {{tag> | ||
+ | {{entry> | ||
+ | | ||
+ | |||
+ | ====== | ||
+ | {{tag> | ||
+ | {{entry> | ||
+ | {{entry> | ||
+ | {{entry> |
docs/tips_n_tricks/exim.html.1311549257.txt.gz · Last modified: 25.07.2011 01:14 CEST by peter