HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Tips/Tricks/Mods (http://www.howtoforge.com/forums/forumdisplay.php?f=19)
-   -   Exim (http://www.howtoforge.com/forums/showthread.php?t=8573)

Arricc 27th November 2006 20:12

Exim
 
After struggling with postfix, and refusing to use Sendmail, I decided to have a bash at using ISPConfig with Exim (which I use by preference).

It turned out to be very simple.

I use Debian, so this will be specific to Debian using the exim4-daemon-light package.

I installed exim4 again (after having had postfix and sendmail installed).

I decided on a non-split config option (though it would be simple to do it with the split config) and made the following changes to exim4.conf.template :
near the top of the file I added:
Code:

MAIN_TLS_ENABLE =yes
AUTH_SERVER_ALLOW_NOTLS_PASSWORDS = yes

Made a copy of the system_aliases router immediately below it and called it hosted_aliases. Changed it to look at /etc/postfix/virtusertable instead of /etc/aliases and to lookup $local_part@$domain instead of just $local_part:
Code:

  data = ${lookup{$local_part@$domain}lsearch{/etc/postfix/virtusertable}}
I use courier for my pop3/imap server so I uncommented the plain_courier_authdaemon and login_courier_authdaemon sections in the example authenticators section. I had to "chmod o+rw /var/run/courier/authdaemon/" to allow exim to read that file. There are other options available in there should you so choose.

Next I copied the files smtpd.crt and smtpd.key from /etc/postfix/ssl to /etc/exim4 and called them exim4.crt and exim4.key respectively.

Edit /etc/exim4/update-exim4.conf.conf and change the following line:
Code:

dc_other_hostnames='/etc/postfix/local-host-names'
Then, to finish faking out ISPConfig to make it believe its still talking to postfix...
Code:

cd /etc/init.d
ln -s exim4 postfix

Think thats everything, but if it doesn't work for you I can check my setup.

Hope thats of some help to folk, and also to the developers as I'd like to see Exim actually supported by ISPConfig (though I believe its in the roadmap?) :-)

till 28th November 2006 10:43

Thanks for the howto, I moved it to the Tipps & Tricks forum.

I guess ISPConfig was already installed as you changed to exim? The ISPConfig installer is checking for a postfix installation. So it might be nescessary to tweak the ISPConfig installer to recognize exim as valid MTA or postfix replacement.

Arricc 28th November 2006 11:54

Yeah, I followed the perfect debian install, then setup ISPConfig.

The problem is that I was running it under linux-vserver. Postfix couldn't send any mail to the domains with inbound MX records on the other IPs on the box as despite the fact it was only bound to a single IP I kept getting the "mail for example.com loops back to me" message. I know nothing about postfix and all the solutions said to add those domains to my list of local domains, which they're not. Thankfully I know a lot about Exim :)

I'll try and get a few minutes this week to write exim conf files for inclusion in a split Exim4 Debian config.

Arricc 28th November 2006 22:22

Okay... so these files are for those people using the exim4 split config as pioneered by Debian (yes their config looks hella complicated, but most people would never need to touch it and when you know how it works its nice and easy to fiddle.)

Code:

#/etc/exim4/conf.d/main/000_exim4-ISPConfig_options
# ISPConfig options for Exim
# Edit this file to set match the options in your mail server setup
# in your ISPConfig setup

#ISPCONFIG_ALIASFILE = /etc/exim4/virtusertable
#AUTH_SERVER_ALLOW_NOTLS_PASSWORDS = yes
#ISPCONFIG_COURIER_AUTH=yes
##This option requires you to copy the postfix smtpd.crt and smtpd.key to
## /etc/exim4 as exim4.crt and exim4.key
#MAIN_TLS_ENABLE = yes

Code:

#/etc/exim4/conf.d/router/450_exim4-ISPConfigAliases
# This router handles aliasing for ISPConfig users using the configured alias file.
#
.ifdef ISPCONFIG_ALIASFILE
ISPConfig_aliases:
  debug_print = "R: ISPConfig_aliases for $local_part@$domain"
  driver = redirect
  domains = +local_domains
  allow_fail
  allow_defer
  data = ${lookup{$local_part@$domain}lsearch{ISPCONFIG_ALIASFILE}}
  .ifdef SYSTEM_ALIASES_USER
  user = SYSTEM_ALIASES_USER
  .endif
  .ifdef SYSTEM_ALIASES_GROUP
  group = SYSTEM_ALIASES_GROUP
  .endif
  .ifdef SYSTEM_ALIASES_FILE_TRANSPORT
  file_transport = SYSTEM_ALIASES_FILE_TRANSPORT
  .endif
  .ifdef SYSTEM_ALIASES_PIPE_TRANSPORT
  pipe_transport = SYSTEM_ALIASES_PIPE_TRANSPORT
  .endif
  .ifdef SYSTEM_ALIASES_DIRECTORY_TRANSPORT
  directory_transport = SYSTEM_ALIASES_DIRECTORY_TRANSPORT
  .endif

# end ifdef ISPCONFIG_ALIASFILE
.endif

Now, for authentication...
Code:

#/etc/exim4/conf.d/auth/999_exim4-ISPConfig-Auth_Courier
#################################
# This file is copied straight from auth/30_exim4-config_examples

# This is now the (working!) example from
# http://www.exim.org/eximwiki/FAQ/Policy_controls/Q0730
# Possible pitfall: access rights on /var/run/courier/authdaemon/socket.
### This may be a security risk:
### chmod o+rw /var/run/courier/authdaemon/
###

.ifdef ISPCONFIG_COURIER_AUTH
 plain_courier_authdaemon:
  driver = plaintext
  public_name = PLAIN
  server_condition = \
    ${extract {ADDRESS} \
              {${readsocket{/var/run/courier/authdaemon/socket} \
              {AUTH ${strlen:exim\nlogin\n$2\n$3\n}\nexim\nlogin\n$2\n$3\n} }} \
              {yes} \
              fail}
  server_set_id = $2
  .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
  server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
  .endif

 login_courier_authdaemon:
  driver = plaintext
  public_name = LOGIN
  server_prompts = Username:: : Password::
  server_condition = \
    ${extract {ADDRESS} \
              {${readsocket{/var/run/courier/authdaemon/socket} \
              {AUTH ${strlen:exim\nlogin\n$1\n$2\n}\nexim\nlogin\n$1\n$2\n} }} \
              {yes} \
              fail}
  server_set_id = $1
  .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
  server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
  .endif
#endif ISPCONFIG_COURIER_AUTH
.endif


Don't forget you need to add whatever file ISPConfig is using to generate local domains. Either edit /etc/exim4/update-exim4.conf.conf to set dc_other_hostnames. Eg:
Code:

dc_other_hostnames='/etc/exim4/local-host-names'
I'm not sure if running "dpkg-reconfigure exim4-config" will work with putting in a file name.

I think ISPConfig will have write permission on the files in my confs by default.


All times are GMT +2. The time now is 21:01.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.