Differences between version 67 and predecessor to the previous major change of EximNotes.
Other diffs: Previous Revision, Previous Author, or view the Annotated Edit History
| Newer page: | version 67 | Last edited on Wednesday, August 23, 2006 8:03:36 pm | by CraigBox | Revert |
| Older page: | version 65 | Last edited on Wednesday, August 23, 2006 4:18:00 pm | by CraigBox | Revert |
@@ -1,7 +1,7 @@
-!!! Careful
about editing the configuration
+!!! Be careful
about editing the configuration
-Since [Exim] (version 3) rereads its configuration on every delivery attempt, it is unadvisable to edit a live configuration file.
+Since [Exim] (version 3) rereads its configuration on every delivery attempt, it is unadvisable to edit a live configuration file. If you're using [Debian] and 4.x, the config it uses isn't the one you edit (it gets generated on init-script-reload), so you're OK
.
!!! Removing all frozen messages in an [Exim] queue
Lots of bounce messages to fake [Email] addresses from spam?
@@ -105,9 +105,8 @@
query = "ldap://127.0.0.1/ou=Aliases,o=$domain,ou=Domains,BASEDN?mailAlias?sub?cn=$local_part"
</verbatim>
but there are probably other ways of doing this too :)
-
!!! Delivering to [Cyrus]21 from [Exim] 3.3 ([Woody])
The mighty Cuchulain's config:
@@ -160,12 +159,20 @@
cyrus_ltcp:
debug_print = "T: cyrus_ltcp for $local_part@$domain"
driver = smtp
protocol = lmtp
- hosts = carbon.meta.net.nz
+ hosts = localhost
allow_localhost
</verbatim>
+!!! LMTP callbacks
+
+Another thing you can do with Exim and Cyrus-IMAP integration is described at [Cyrus Imap page of Exim Wiki | http://www.exim.org/eximwiki/CyrusImap]. It allows Cyrus to check the existence of mailboxes *before* replying to "RCPT TO:" or "MAIL FROM:". Exim does not have to send back bounces in reply to
+"dictionary recipient" spam.
+
+It is best suited for integration with [Cyrus-IMAP virtual domains | http://asg.web.cmu.edu/cyrus/download/imapd/install-virtdomains.html].
+
+See also [LMTPNotes].
!!! Using MailDir format instead of [MBox]
This is for version 3.35 (the version with [Debian] [Woody]).
@@ -294,24 +301,8 @@
!!! Testing a new transport on a live system
<tt>prefix = test-</tt> is your friend
-
-!!! See also
-
-* EximSmtpAuth
-* EximFilter
-* [INBOX Autocreate Cyrus Patch | http://email.uoa.gr/projects/cyrus/autocreate/]
-
-!!! Alternative Method
-
-Another method of Exim and Cyrus-IMAP integration is described at [Exim and LMTP callouts to Cyrus | http://anfi.homeunix.net/exim/rtvcyrus.html]. It allows cyrus to check existence of cyrus mailbox
-*before* replying to "RCPT TO:" or "MAIL FROM:". Exim does not have to send back bounces in reply to
-"dictionary recipient" spam.
-
-It is best suited for integration with [Cyrus-IMAP virtual domains | http://asg.web.cmu.edu/cyrus/download/imapd/install-virtdomains.html].
-
-The method is also described in [Cyrus Imap page of Exim Wiki | http://www.exim.org/eximwiki/CyrusImap]
!!! Implementing [SPF] in [Exim] 4 using [exiscan-acl | http://duncanthrax.net/exiscan-acl/]
Section 8 of the [exiscan-acl patch documentation | http://duncanthrax.net/exiscan-acl/exiscan-acl-spec.txt] explains how to do it if you've compiled [SPF] into [Exim]. Otherwise, you can do so so via the [Mail::SPF::Query | http://search.cpan.org/dist/Mail-SPF-Query/] [Perl] module. [Appending A.7 | http://slett.net/spam-filtering-for-mx/exim-spf.html] of [Spam Filtering for Mail Exchangers | http://slett.net/spam-filtering-for-mx/] shows both approaches.
@@ -443,9 +434,9 @@
</pre>
in your <tt>main</tt> section. Between 4.03 and 4.43, you can use [the -tls-on-connect command line parameter|http://exim.netmirror.org/exim-html-4.40/doc/html/FAQ_17.html#TOC322].
-587 is harder, because the rules are "either SMTP AUTH or SSL". [An Exim SSL/TLS recipe|http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20030210/msg00257.html] was posted to the list, which suggests (updated):
+587 is harder, because the rules are "either SMTP AUTH or SSL". [An Exim SSL/TLS recipe|http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20030210/msg00257.html] was posted to the list, which suggests (updated, and with client certs removed - you really want to only use SMTP AUTH
):
<pre>
# wlug: listen on 25 (smtp), 465 (ssmtp for Outlook) and 587 (submission)
daemon_smtp_port = 25:465:587
@@ -453,28 +444,29 @@
# uncomment to only allow auth if you're on by SSL
# auth_advertise_hosts = ${if eq{$tls_cipher}{}{localhost}{*}}
tls_advertise_hosts = *
-tls_try_verify_hosts = ${if eq{$interface_port}{587}{*}{}}
tls_certificate = /etc/exim4/server-cert.pem
tls_privatekey = /etc/exim4/server-key.pem
-tls_verify_certificates = /etc/exim/CA-file.pem
</pre>
..and in your RCPT ACL (near the top):
<pre>
accept authenticated = *
encrypted = *
-
- accept encrypted = *
- verify = certificate
accept condition = ${if eq{$interface_port}{587}{1}{0}}
endpass
- message = SMTP AUTH or client SSL certificate
required for port 587
+ message = SMTP AUTH required for port 587
authenticated = *
</pre>
+
+!!! See also
+
+* EximSmtpAuth
+* EximFilter
+* [INBOX Autocreate Cyrus Patch | http://email.uoa.gr/projects/cyrus/autocreate/]
----
Part of CategoryMailNotes
