Home
Main website
Display Sidebar
Hide Ads
Recent Changes
View Source:
EximNotes
Edit
PageHistory
Diff
Info
LikePages
You are viewing an old revision of this page.
View the current version
.
!!! Careful about editing the configuration Since [Exim] rereads its configuration on every delivery attempt, it is unadvisable to edit a live configuration file. !!! Removing all frozen messages in an [Exim] queue Lots of bounce messages to fake [Email] addresses from spam? <verbatim> mailq | awk '/frozen/ { print $3 }' | xargs exim -Mrm </verbatim> !!! Setting up [Exim] as a mail filter for another machine that does mail delivery (eg MicrosoftExchange) See EximMailFilter. !!! Setting up [Exim] to use [LDAP] aliasing and to deliver via [Cyrus] [IMAP] If you're running [Exim] 3, make sure to read the notes at the bottom of this entry. First, in the <tt>router</tt> section of <tt>exim.conf</tt>, add a router for [Cyrus] (at the top) as follows: <verbatim> local_user_cyrus: driver = accept check_local_user local_part_suffix = +* transport = local_delivery_cyrus </verbatim> Note that the <tt>local_part_suffix</tt> part allows you to specify <tt>user+mailfolder@domain</tt>... and the command in the <tt>local_delivery_cyrus</tt> section takes care of delivering to the correct subfolder of inbox. Next, in the <tt>transport</tt> section, add a transport to allow delivery via [Cyrus]: <verbatim> local_delivery_cyrus: driver = pipe command = /usr/libexec/cyrus/deliver -m ${substr_1:$local_part_suffix} -- $local_part user = cyrus group = mail return_output log_output message_prefix = message_suffix = </verbatim> Finally, you will need to modify your alias resolution to use [LDAP]. This is based on my [LDAP] configuration, which consists of an Organisational Unit (OU) of Aliases, each container having an attribute <tt>rfc822MailMember</tt>, containing the real mailbox. An example: <verbatim> dn: cn=greg,ou=Aliases,dc=compel,dc=co,dc=nz rfc822MailMember: greig objectClass: nisMailAlias objectClass: top cn: greg </verbatim> This fixes the fact that no one can deal with the fact that GreigMcGill has an "i" in his name! ;) So... back to <tt>exim.conf</tt>... the alias router looks like the following: <verbatim> system_aliases: driver = redirect allow_fail allow_defer data = ${lookup ldap {ldap://10.0.0.1/cn=$local_part,\ ou=Aliases,dc=compel,dc=co,dc=nz?rfc822MailMember?base}} file_transport = address_file pipe_transport = address_pipe </verbatim> Now, this assumes that your system is like mine, where each user is a real account, and <tt>getpwnam()</tt> and the like will return usernames out of [LDAP] via [PAM]. If this is the case, the above configuration should be all you need. If you are running a "black box" MailServer, then some other kind soul may like to add the required configuration below. If you have a different [LDAP] [Schema] to the one mentioned above, either because your system installed a different set of [Schema] for the equivalent entries, or you are running a custom [Schema] that handles multiple virtual domain hosting without unix accounts, then just modify your [LDAP] lookups appropriately. As a hint: <verbatim> data = ${lookup ldap {ldap://127.0.0.1/cn=$local_part,\ ou=Aliases,o=$domain,dc=wlug,dc=org,dc=nz?mailAlias?base}} </verbatim> If my system recieves mail to say <tt>daniel@wlug.org.nz</tt>, it will for the dn given as: <verbatim> cn=daniel,ou=Aliases,o=wlug.org.nz,dc=wlug,dc=org,dc=nz </verbatim> and return the <tt>mailAlias</tt> attribute. Between [Exim], SendMail, [Postfix] and Courier, [Exim] has been the easiest to set up with a custom [LDAP] [Schema] by far. SendMail supposedly supports it, but in practice doesn't. [Postfix] is SendMail with a pretty configuration file, and has worse support for custom [LDAP] [Schema]s [IMO]. [Exim] > *. !! [Exim] 3 The above system will work with previous version of [Exim], however the format might be slightly different (not confirmed this, I just base this off what I've done with [Exim] 3.3.5) The main difference is in the query line in the Aliases director example above: <verbatim> data = ${lookup ldap {ldap://10.0.0.1/cn=$local_part,\ ou=Aliases,dc=compel,dc=co,dc=nz?rfc822MailMember?base}} </verbatim> I always used something that looked like: <verbatim> query = "ldap://127.0.0.1/ou=Aliases,o=$domain,ou=Domains,BASEDN?mailAlias?sub?cn=$local_part" </verbatim> but there are probably other ways of doing this too :) !!! Delivering to [Cyrus]21 from [Exim] 3.3 ([Woody]) The mighty Cuchulain's config: Transport: __NOTE:__ this __must__ be placed somewhere sensible in the transports list. ie, before any transports for procmail(1), <tt>userforward</tt>, or <tt>local_user</tt> delivery.) <verbatim> local_delivery_cyrus: driver = pipe command = "/usr/sbin/cyrdeliver -m ${substr_1:${local_part_suffix}} -- ${local_part}" user = cyrus group = mail envelope_to_add = true return_output log_output prefix = suffix = </verbatim> Director: <verbatim> local_user_cyrus: driver = localuser transport = local_delivery_cyrus </verbatim> !!! Using MailDir format instead of [MBox] This is for version 3.35 (the version with [Debian] [Woody]). The default is to deliver local mail to <tt>/var/spool/mail/$USERNAME</tt> in [MBox] format. In the <tt>local_delivery</tt> section of <tt>exim.conf</tt>, remove the line that says <verbatim> file = /var/spool/mail/${local_part} </verbatim> and add lines that say <verbatim> create_directory = true directory = /home/${local_part}/Maildir/ directory_mode = 770 maildir_format </verbatim> Easy peasy. :) But see the comment below about possible gotchas, as this is just the basic bit. !!! [Exim] can deliver to Inbox but can't deliver to forwarded mailboxes (subfolders etc) I have [Exim filtering|EximFilter] set up in a <tt>.forward</tt> file to drop all my [Email] into the right place. However, I was getting lots of messages like this in my logs: <verbatim> 2003-04-21 19:38:04 196iGy-00005j-01 == /home/user/Maildir/.Mailing Lists.WLUG/ <user@localhost> D=userforward defer (-31): directory_transport unset in userforward driver </verbatim> The problem? <tt>exim.conf</tt> was set up for MailDir support, but for some reason the config for the directory delivery agent wasn't linked to the forwarding section. Ensure <tt>address_directory</tt> has <tt>Maildir</tt> uncommented, and then find the <tt>userforward</tt> section. Under <tt>file_transport = address_file</tt>, set <verbatim> directory_transport = address_directory </verbatim> and rerun the queue, forcing redelivery if necessary, with <tt>exim -qff</tt>. !!! [Exim] 3 generates some message about unable to deliver due to a child process failure This when used in conjunction with [Cyrus] [IMAP] can be caused by trying to deliver to a mailbox which has reached it's maximum quota limit. The exim_mainlog entry looks similar to the following: <verbatim> 2004-01-08 11:08:12 1AeLqW-0007k0-00 == gerwin@north.pub.tla T=local_delivery_cyrus defer (0): Child process of local_delivery_cyrus transport returned 75 (could mean temporary error) from command: /usr/lib/cyrus-imapd/deliver </verbatim> !!! Configuring Exim4 with a virtual domain table/users in text files (If you have multiple domains on the same machine, and users account names don't correspond to their [Email] addresses.) In the top section of your <tt>exim.conf</tt> <verbatim> domainlist local_domains = @ : \ @[] : \ localhost : \ partial-lsearch;/etc/exim/virtual.domains </verbatim> and underneath the part where it says something like <verbatim> real_local: driver = accept check_local_user local_part_prefix = real- transport = local_delivery </verbatim> add a section <verbatim> virtual: driver = redirect allow_defer allow_fail data = ${lookup{$local_part@$domain}lsearch*@{/etc/exim/virtual.users}} domains = partial-lsearch;/etc/exim/virtual.domains retry_use_local_part </verbatim> now you will need file called <tt>virtual.domains</tt> that is simply a list of all the domains for which you accept mail, and a <tt>virtual.users</tt> file with a table of users in the format: <tt>virtual.domains</tt>:: <verbatim> example.com example.net </verbatim> <tt>virtual.users</tt>:: <verbatim> #example.com regularuser@example.com : localuser forwardinguser@example.com : someuser@example.org *@example.com : catchalluser #example.net regularuser@example.net : localuser2 forwardinguser@example.net : someuser2@example.org *@example.net : catchall2 </verbatim> --BlairHarrison !!! Connections to [Exim] take a long time to work (Exim is slow to show the [SMTP] banner) Check that your [DNS] and hosts(5) settings are correct, and that you can correctly resolve hosts on the server. If this all works as desired but connections are still slow, it could be an [IDENT] timeout. Try either setting: <verbatim> rfc1413_hosts = * rfc1413_query_timeout = 0s </verbatim> or installing an [IDENT] server on the [Exim] machine. !!! Testing a new transport on a live system <tt>prefix = test-</tt> is your friend !!! See also * EximSmtpAuth * EximFilter * [INBOX Autocreate Cyrus Patch | http://email.uoa.gr/projects/cyrus/autocreate/] !!! Alternative Method Another method of Exim and Cyrus-IMAP integration is described at [Exim and LMTP callouts to Cyrus | http://anfi.homeunix.net/exim/rtvcyrus.html]. It allows cyrus to check existence of cyrus mailbox *before* replying to "RCPT TO:" or "MAIL FROM:". Exim does not have to send back bounces in reply to "dictionary recipient" spam. It is best suited for integration with [Cyrus-IMAP virtual domains | http://asg.web.cmu.edu/cyrus/download/imapd/install-virtdomains.html]. The method is also described in [Cyrus Imap page of Exim Wiki | http://www.exim.org/eximwiki/CyrusImap] !!! Implementing [SPF] in [Exim] 4 using [exiscan-acl | http://duncanthrax.net/exiscan-acl/] Section 8 of the [exiscan-acl patch documentation | http://duncanthrax.net/exiscan-acl/exiscan-acl-spec.txt] explains how to do it if you've compiled [SPF] into [Exim]. Otherwise, you can do so so via the [Mail::SPF::Query | http://search.cpan.org/dist/Mail-SPF-Query/] [Perl] module. [Appending A.7 | http://slett.net/spam-filtering-for-mx/exim-spf.html] of [Spam Filtering for Mail Exchangers | http://slett.net/spam-filtering-for-mx/] shows both approaches. http://www.meini.org/spf/ contains [Debian] [Package]s for the [Mail::SPF::Query | http://search.cpan.org/dist/Mail-SPF-Query/] and [Net::CIDR::Lite | http://search.cpan.org/dist/Net-CIDR-Lite/] modules and for [libspf | http://www.libspf.org/]. The packaged libspf version is pretty old though, you might consider installing from SourceCode. You'll also need [Net::DNS | http://search.cpan.org/dist/Net-DNS/], for which a [Debian] package can be found at [http://www.proesdorf.de/debian/]. Alternatively you could use [Evan's deb packages|http://evanjones.ca/software/libspf-alt-debian.html] but the newer code of [libspf2|http://libspf2.org/download.html] and build some new libspf2 packages. ---- Part of CategoryMailNotes
4 pages link to
EximNotes
:
MTA
Exim
PostfixNotes
CyrusNotes