Exim4 is another Message Transfer Agent (MTA) developed at the University of Cambridge for use on Unix systems connected to the Internet. Exim can be installed in place of sendmail, although the configuration of exim is quite different to that of sendmail.
To configure Exim4, run the following command:
sudo dpkg-reconfigure exim4-config
The user interface will be displayed. The user interface lets you configure many parameters. For example, In Exim4 the configuration files are split among multiple files. If you wish to have them in one file you can configure accordingly in this user interface.
All the parameters you configure in the user interface are
stored in
/etc/exim4/update-exim4.conf.conf
file.
If you wish to re-configure, either you re-run the
configuration wizard or manually edit this file
using your favourite editor. Once you configure, you can run
the following command to generate the master configuration
file:
sudo update-exim4.conf
The master configuration file, is generated and
it is stored in
/var/lib/exim4/config.autogenerated
.
At any time, you should not edit the master configuration
file,
|
You can run the following command to start Exim4 daemon.
sudo /etc/init.d/exim4 start
This section covers configuring Exim4 to use SMTP-AUTH with TLS and SASL.
The first step is to create a certificate for use with TLS. Enter the following into a terminal prompt:
sudo /usr/share/doc/exim4-base/examples/exim-gencert
Now Exim4 needs to be configured for TLS by editing /etc/exim4/conf.d/main/03_exim4-config_tlsoptions
add the following:
MAIN_TLS_ENABLE = yes
Next you need to configure Exim4 to use the saslauthd
for authentication. Edit /etc/exim4/conf.d/auth/30_exim4-config_examples
and uncomment
the plain_saslauthd_server and login_saslauthd_server sections:
plain_saslauthd_server:
driver = plaintext
public_name = PLAIN
server_condition = ${if saslauthd{{$auth2}{$auth3}}{1}{0}}
server_set_id = $auth2
server_prompts = :
.ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
.endif
#
login_saslauthd_server:
driver = plaintext
public_name = LOGIN
server_prompts = "Username:: : Password::"
# don't send system passwords over unencrypted connections
server_condition = ${if saslauthd{{$auth1}{$auth2}}{1}{0}}
server_set_id = $auth1
.ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
.endif
Finally, update the Exim4 configuration and restart the service:
sudo update-exim4.conf
sudo /etc/init.d/exim4 restart
This section provides details on configuring the saslauthd to provide authentication for Exim4.
The first step is to install the sasl2-bin package. From a terminal prompt enter the following:
sudo apt-get install sasl2-bin
To configure saslauthd edit the /etc/default/saslauthd configuration file and set START=no to:
START=yes
Next the Debian-exim user needs to be part of the sasl group in order for Exim4 to use the saslauthd service:
sudo adduser Debian-exim sasl
Now start the saslauthd service:
sudo /etc/init.d/saslauthd start
Exim4 is now configured with SMTP-AUTH using TLS and SASL authentication.