1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
|
<!DOCTYPE html>
<html dir="ltr" lang="en">
<head>
<meta charset='utf-8'>
<title>2.5. Exim</title>
</head>
<body>
<a href="index.html">Core OS Index</a>
<h1>2.5. Exim</h1>
<h2 id="conf">2.5.1. Exim Configuration</h2>
<p>Exim come with default configuration we will change to mach system settings
<a href="conf/etc/exim/exim.conf">/etc/exim/exim.conf</a>.</p>
<h2 id="cert">2.5.2. Certificates</h2>
<p>Create private key, this example issues a certificate to
core.privat-server.net, if you wish get a subdomain from
<a href="http://freedns.afraid.org">afraid.org</a>
pointing to your public ip.
</p>
<pre>
$ sudo mkdir /etc/ssl/keys
</pre>
<pre>
$ sudo openssl req -x509 -newkey rsa:2048 -keyout /etc/ssl/keys/exim.key -out /etc/ssl/certs/exim.cert -days 9000 -nodes
Generating a 2048 bit RSA private key
...........................................+++
..............+++
writing new private key to '/etc/ssl/keys/exim.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:PT
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:core.privat-server.net
Email Address []:postmaster@core.privat-server.net
#
</pre>
<pre>
# chown mail:mail /etc/ssl/keys/exim.key
# chmod 0600 /etc/ssl/keys/exim.key
# chmod 644 /etc/ssl/certs/exim.cert
</pre>
<h2 id="alias">2.5.3. Aliases</h2>
<p>Exim come with default aliases we will change to mach system settings
<a href="conf/etc/exim/aliases">/etc/exim/aliases;</a></p>
<pre>
# Default aliases file, installed by Exim. This file contains no real aliases.
# You should edit it to taste.
# The following alias is required by the mail RFCs 2821 and 2822.
# Set it to the address of a HUMAN who deals with this system's mail problems.
postmaster: c9admin
# It is also common to set the following alias so that if anybody replies to a
# bounce message from this host, the reply goes to the postmaster.
mailer-daemon: postmaster
# You should also set up an alias for messages to root, because it is not
# usually a good idea to deliver mail as root.
root: postmaster
# It is a good idea to redirect any messages sent to system accounts so tha
# they don't just get ignored. Here are some common examples:
bin: root
daemon: root
ftp: root
nobody: root
operator: root
uucp: root
# You should check your /etc/passwd for any others.
# Other commonly enountered aliases are:
#
# abuse: the person dealing with network and mail abuse
# hostmaster: the person dealing with DNS problems
# webmaster: the person dealing with your web site
####
</pre>
<h2 id="smarthost">2.5.4. Smarthost</h2>
<p>Tony Finch publish a nice
<a href="http://www-uxsup.csx.cam.ac.uk/~fanf2/hermes/conf/exim/etc/etc.cam/configure">configuration reference</a>.
</p>
<p>File /etc/exim/alias rewrite addresses when receiving,
return_path and headers_rewrite rewrite addresses in header
(envelop) while main rewrite apply rewriting to all.</p>
<p>Test sender rewriting;</p>
<pre>
# exim -brw bob@box
# exim -brw bob@remote.com
</pre>
<p>Test routing;</p>
<pre>
# exim -bt bob@box
# exim -bt bob@remote.com
</pre>
<h2 id="fetchmail">2.5. Fetchmail</h2>
<pre>
$ prt-get depinst fetchmail
</pre>
<pre>
$ sudo su
# mkdir /var/lib/fetchmail
# mkdir /var/run/fetchmail
# useradd -r fetchmail
# chown fetchmail /var/lib/fetchmail
# chown fetchmail /var/run/fetchmail
</pre>
<p>Create /etc/rc.d/fetchmail and add fetchmail to /etc/rc.conf;</p>
<pre>
#!/bin/sh
#
# /etc/rc.d/fetchmail: start/stop fetchmail daemon
#
SSD=/sbin/start-stop-daemon
PROG=/usr/bin/fetchmail
PID=/var/run/fetchmail/fetchmail.pid
IDS=/var/lib/fetchmail/.fetchids
PUID=45
PGID=100
OPTS="-f /etc/fetchmailrc -i $IDS --pidfile $PID --syslog -v"
case $1 in
start)
$SSD --chuid $PUID:$PGID --user $PUID --exec $PROG --start -- $OPTS
;;
stop)
$SSD --stop --remove-pidfile --retry 10 --pidfile $PID
;;
restart)
$0 stop
$0 start
;;
reload)
$SSD --stop --signal HUP --pidfile $PID
;;
status)
$SSD --status --pidfile $PID
case $? in
0) echo "$PROG is running with pid $(head -1 $PID)" ;;
1) echo "$PROG is not running but the pid file $PID exists" ;;
3) echo "$PROG is not running" ;;
4) echo "Unable to determine the program status" ;;
esac
;;
*)
echo "usage: $0 [start|stop|restart|reload|status]"
;;
esac
# End of file
</pre>
<p>Create /etc/fetchmailrc;</p>
<pre>
# This file must be chmod 0600, owner fetchmail
set daemon 300 # Pool every 5 minutes
set syslog # log through syslog facility
set postmaster admin@box
set no bouncemail # avoid loss on 4xx errors
# on the other hand, 5xx errors get
# more dangerous...
##########################################################################
# Hosts to pool
##########################################################################
# Defaults ===============================================================
# Set antispam to -1, since it is far safer to use that together with
# no bouncemail
defaults:
timeout 300
antispam -1
batchlimit 100
poll pop.remote.com protocol POP3 user "drbob@remote.com" there with password "secretpass" is "bob@box" here
</pre>
<a href="index.html">Core OS Index</a>
<p>
This is part of the c9 Manual.
Copyright (C) 2016
c9 team.
See the file <a href="../fdl-1.3-standalone.html">Gnu Free Documentation License</a>
for copying conditions.</p>
</body>
</html>
|