<!DOCTYPE html>
<html dir="ltr" lang="en">
<head>
<meta charset='utf-8'>
<title>2.5. Exim</title>
</head>
<body>
<a href="index.html">GNU/Linux Index</a>
<h1>2.5. Exim</h1>
<h2 id="conf">2.5.1. Exim Configuration</h2>
<p>Exim comes with a default configuration, which we will change to match system settings:
<a href="conf/etc/exim/exim.conf">/etc/exim/exim.conf</a>.</p>
<pre>
$ sudo prt-get depinst mailx
</pre>
<h2 id="cert">2.5.2. Certificates</h2>
<p>Exim creates a key for you if you just copy exim.conf and start the daemon;</p>
<pre>
# cp /home/username/data/git/doc/core/conf/exim/exim.conf /etc/exim/exim.conf
# sh /etc/rc.d/exim start
SSL certificate /etc/ssl/certs/exim.crt with key /etc/ssl/keys/exim.key for host machine.example created
#
</pre>
<p>Manually create a private key and a self-signed certificate;</p>
<pre>
$ sudo mkdir /etc/ssl/keys
</pre>
<pre>
$ sudo openssl req -x509 -newkey rsa:2048 -keyout /etc/ssl/keys/exim.key -out /etc/ssl/certs/exim.cert -days 9000 -nodes
Generating a 2048 bit RSA private key
...........................................+++
..............+++
writing new private key to '/etc/ssl/keys/exim.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:PT
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:machine.example.org
Email Address []:postmaster@machine.example.org
#
</pre>
<pre>
# chown mail:mail /etc/ssl/keys/exim.key
# chmod 0600 /etc/ssl/keys/exim.key
# chmod 644 /etc/ssl/certs/exim.cert
</pre>
<h2 id="alias">2.5.3. Aliases</h2>
<p>Exim comes with default aliases, which we will change to match system settings:
<a href="conf/etc/exim/aliases">/etc/exim/aliases</a>;</p>
<pre>
# Default aliases file, installed by Exim. This file contains no real aliases.
# You should edit it to taste.
# The following alias is required by the mail RFCs 2821 and 2822.
# Set it to the address of a HUMAN who deals with this system's mail problems.
postmaster: machine-admin
# It is also common to set the following alias so that if anybody replies to a
# bounce message from this host, the reply goes to the postmaster.
mailer-daemon: postmaster
# You should also set up an alias for messages to root, because it is not
# usually a good idea to deliver mail as root.
root: postmaster
# It is a good idea to redirect any messages sent to system accounts so that
# they don't just get ignored. Here are some common examples:
bin: root
daemon: root
ftp: root
nobody: root
operator: root
uucp: root
# You should check your /etc/passwd for any others.
# Other commonly encountered aliases are:
#
# abuse: the person dealing with network and mail abuse
# hostmaster: the person dealing with DNS problems
# webmaster: the person dealing with your web site
####
</pre>
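<p>The aliases file above asks you to check /etc/passwd for other system accounts. The script below is an added example, not part of the original documentation: it lists accounts with a uid below a cut-off that have no alias. The function name missing_aliases, the cut-off of 1000 and the sample files are assumptions made for the illustration.</p>

```sh
#!/bin/sh
# missing_aliases PASSWD ALIASES [UID_MAX]
# Print every account in PASSWD with a uid below UID_MAX (default 1000,
# an assumed cut-off for system accounts) that has no entry in ALIASES.
missing_aliases() {
    awk -F: -v max="${3:-1000}" '
        # First file: the aliases file. Remember the name left of ":".
        FILENAME == ARGV[1] {
            if ($0 ~ /^[ \t]*(#|$)/ || NF < 2) next   # comment, blank, no ":"
            name = tolower($1); gsub(/[ \t]/, "", name)
            aliased[name] = 1
            next
        }
        # Second file: passwd. Report low-uid accounts without an alias.
        ($3 + 0) < (max + 0) && !(tolower($1) in aliased) { print $1 }
    ' "$2" "$1"
}

# Constructed sample data (not taken from a real host).
sample_dir=$(mktemp -d)
cat > "$sample_dir/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/bin/false
daemon:x:2:2:daemon:/sbin:/bin/false
mail:x:8:12:mail:/var/spool/mail:/bin/false
fetchmail:x:45:100:fetchmail:/var/lib/fetchmail:/bin/false
bob:x:1000:100:Bob:/home/bob:/bin/bash
EOF
cat > "$sample_dir/aliases" <<'EOF'
# constructed subset of the aliases file shown above
postmaster: machine-admin
root: postmaster
bin: root
daemon: root
EOF

# Lists the accounts whose mail would not be redirected.
missing_aliases "$sample_dir/passwd" "$sample_dir/aliases"
```

<p>On the mail host, run it as: missing_aliases /etc/passwd /etc/exim/aliases</p>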
<h2 id="smarthost">2.5.4. Smarthost</h2>
<p>Tony Finch publishes a nice
<a href="http://www-uxsup.csx.cam.ac.uk/~fanf2/hermes/conf/exim/etc/etc.cam/configure">configuration reference</a>.
</p>
<p>The file /etc/exim/alias rewrites addresses when receiving;
return_path and headers_rewrite rewrite addresses in the header
(envelope), while the main rewrite section applies rewriting to all.</p>
<p>Test sender rewriting;</p>
<pre>
# exim -brw bob@box
# exim -brw bob@remote.com
</pre>
<p>Test routing;</p>
<pre>
# exim -bt bob@box
# exim -bt bob@remote.com
</pre>
<h2 id="fetchmail">2.5. Fetchmail</h2>
<pre>
$ prt-get depinst fetchmail
</pre>
<pre>
$ sudo su
# mkdir /var/lib/fetchmail
# mkdir /var/run/fetchmail
# useradd -r fetchmail
# chown fetchmail /var/lib/fetchmail
# chown fetchmail /var/run/fetchmail
</pre>
<p>Create /etc/rc.d/fetchmail and add fetchmail to /etc/rc.conf;</p>
<pre>
#!/bin/sh
#
# /etc/rc.d/fetchmail: start/stop fetchmail daemon
#
SSD=/sbin/start-stop-daemon
PROG=/usr/bin/fetchmail
PID=/var/run/fetchmail/fetchmail.pid
IDS=/var/lib/fetchmail/.fetchids
# uid/gid the daemon runs as; these must match the fetchmail account
# created above (check with: id fetchmail)
PUID=45
PGID=100
OPTS="-f /etc/fetchmailrc -i $IDS --pidfile $PID --syslog -v"
case "$1" in
start)
    $SSD --chuid $PUID:$PGID --user $PUID --exec $PROG --start -- $OPTS
    ;;
stop)
    $SSD --stop --remove-pidfile --retry 10 --pidfile $PID
    ;;
restart)
    $0 stop
    $0 start
    ;;
reload)
    $SSD --stop --signal HUP --pidfile $PID
    ;;
status)
    $SSD --status --pidfile $PID
    case $? in
    0) echo "$PROG is running with pid $(head -1 $PID)" ;;
    1) echo "$PROG is not running but the pid file $PID exists" ;;
    3) echo "$PROG is not running" ;;
    4) echo "Unable to determine the program status" ;;
    esac
    ;;
*)
    echo "usage: $0 [start|stop|restart|reload|status]"
    ;;
esac
# End of file
</pre>
<p>Create /etc/fetchmailrc;</p>
<pre>
# This file must be chmod 0600, owner fetchmail
set daemon 300          # Poll every 5 minutes
set syslog              # log through syslog facility
set postmaster admin@box
set no bouncemail       # avoid loss on 4xx errors
                        # on the other hand, 5xx errors get
                        # more dangerous...
##########################################################################
# Hosts to poll
##########################################################################
# Defaults ===============================================================
# Set antispam to -1, since it is far safer to use that together with
# no bouncemail
defaults:
    timeout 300
    antispam -1
    batchlimit 100
poll pop.remote.com protocol POP3 user "drbob@remote.com" there with password "secretpass" is "bob@box" here
</pre>
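<p>Both the Exim private key from 2.5.2 and /etc/fetchmailrc hold secrets, so their owner and mode are worth verifying after setup. The audit script below is an added example, not part of the original documentation; the function names, the "-" wildcard for the owner and the demo tree are assumptions made for the illustration, and it relies on GNU stat.</p>

```sh
#!/bin/sh
# audit_secrets PREFIX   (reads "path owner mode" lines on stdin)
# Prints one FAIL line per problem and returns non-zero if any check fails.
# Owner "-" means "do not check the owner". Relies on GNU stat (-c).
audit_secrets() {
    rc=0
    while read -r path owner mode; do
        case $path in ''|'#'*) continue ;; esac
        f=$1$path
        if [ -L "$f" ] || [ ! -f "$f" ]; then
            echo "FAIL $path: missing or not a regular file"; rc=1; continue
        fi
        have_owner=$(stat -c %U "$f"); have_mode=$(stat -c %a "$f")
        [ "$owner" = - ] && owner=$have_owner
        [ "$have_owner $have_mode" = "$owner $mode" ] || {
            echo "FAIL $path: is '$have_owner $have_mode', want '$owner $mode'"
            rc=1
        }
    done
    return $rc
}

# Expected state, taken from the chown/chmod commands in 2.5.2 and the
# header comment of /etc/fetchmailrc above.
page_expectations() {
    cat <<'EOF'
/etc/ssl/keys/exim.key    mail       600
/etc/ssl/certs/exim.cert  -          644
/etc/fetchmailrc          fetchmail  600
EOF
}
# On the mail host, as root:   page_expectations | audit_secrets ""

# Constructed demo tree (not a real host): the key is correct, the
# fetchmailrc is left world-readable so the audit has something to report.
demo=$(mktemp -d); me=$(stat -c %U "$demo")
mkdir -p "$demo/etc/ssl/keys"
: > "$demo/etc/ssl/keys/exim.key"; chmod 600 "$demo/etc/ssl/keys/exim.key"
: > "$demo/etc/fetchmailrc";       chmod 644 "$demo/etc/fetchmailrc"
demo_report() {
    printf '%s\n' "/etc/ssl/keys/exim.key $me 600" "/etc/fetchmailrc $me 600" |
        audit_secrets "$demo"
}
demo_report || true
```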
<a href="index.html">GNU/Linux Index</a>
<p>
This is part of the LeetIO System Documentation.
Copyright (C) 2021
LeetIO Team.
See the file <a href="../fdl-1.3-standalone.html">Gnu Free Documentation License</a>
for copying conditions.</p>
</body>
</html>