oohara@libra.interq.or.jp
Copyright © 2001 by Oohara Yuuma.
| Revision History | ||
|---|---|---|
| Revision v0.5 | Fri, 7 Sep 2001 | Revised by: oohara |
| Added "Running Exim as a daemon" section. | ||
| Revision v0.4 | Tue, 7 Aug 2001 | Revised by: oohara |
| Added fetchmail in section 1, an explanation of "byname" in section 4, and a reference to BTS in section 5. | ||
| Revision v0.3 | Sat, 28 Jul 2001 | Revised by: oohara |
| Now this is a part of the Newbiedoc project. Added a new section, "Finding More Info". Divided section 4 into 2 subsections. | ||
| Revision v0.2 | Fri, 27 Jul 2001 | Revised by: oohara |
| Fixed broken link. Reduced hand-hacking in section 4. | ||
| Revision v0.1 | Thu, 26 Jul 2001 | Revised by: oohara |
| This is the initial draft. | ||
Exim is a mail transport agent (MTA). With Exim, you can:
get a message from some programs (cron, for example) via e-mail. This is especially useful if you are root, because you can see such a message (usually an important error message) even if you are not logged in to your machine when the error happens.
send an e-mail to a user on your machine without an internet service provider (ISP).
use fetchmail, which fetches mails from a POP (Post Office Protocol) server.
use procmail, a tool for distributing e-mails you received to right folders (directories) automatically before you read them.
This document assumes that:
you have only one machine.
you send e-mails outside of your machine with the SMTP (simple mail transfer protocol) server of your internet service provider (ISP).
you have installed Exim. To install Exim, do as root:
# apt-get install exim |
This section describes how to configure Exim to local use only --- only e-mails from your machine to a user on your machine are accepted.
The package "exim" comes with an useful tool to configure Exim, that is, eximconfig. Do as root:
# eximconfig |
Then you will see the following message.
I can do some automatic configuration of your mail system, by asking you a number of questions. Later you may have to confirm and/or correct your answers. In any case, comprehensive information on configuring exim is in the eximdoc package and in /usr/doc/exim/spec.txt [---Press return---] |
==============================================================================
You must choose one of the options below:
(1) Internet site; mail is sent and received directly using SMTP. If your
needs don't fit neatly into any category, you probably want to start
with this one and then edit the config file by hand.
(2) Internet site using smarthost: You receive Internet mail on this
machine, either directly by SMTP or by running a utility such as
fetchmail. Outgoing mail is sent using a smarthost. optionally with
addresses rewritten. This is probably what you want for a dialup
system.
(3) Satellite system: All mail is sent to another machine, called a "smart
host" for delivery. root and postmaster mail is delivered according
to /etc/aliases. No mail is received locally.
(4) Local delivery only: You are not on a network. Mail for local users
is delivered.
(5) No configuration: No configuration will be done now; your mail system
will be broken and should not be used. You must then do the
configuration yourself later or run this script, /usr/sbin/eximconfig,
as root. Look in /usr/share/doc/exim/example.conf.gz
Select a number from 1 to 5, from the list above.
Enter value (default=`1', `x' to restart): |
Names are spice:localhost! ============================================================================== Mail for the `postmaster' and `root' accounts is usually redirected to one or more user accounts, of the actual system administrators. By default, I'll set things up so that mail for `postmaster' and for various system accounts is redirected to `root', and mail for `root' is redirected to a real user. This can be changed by editing /etc/aliases. Note that postmaster-mail should usually be read on the system it is directed to, rather than being forwarded elsewhere, so (at least one of) the users you choose should not redirect their mail off this machine. Which user account(s) should system administrator mail go to ? Enter one or more usernames separated by spaces or commas . Enter `none' if you want to leave this mail in `root's mailbox - NB this is strongly discouraged. Also, note that usernames should be lowercase! Enter value (`x' to restart): |
The following configuration has been entered: ============================================================================== Mail generated on this system will have `spice' used as the domain part (after the @) in the From: field and similar places. The following domain(s) will be recognised as referring to this system: spice, localhost Mail for postmaster, root, etc. will be sent to oohara. Local mail is delivered. Is this OK ? Hit Return or type `y' to confirm it and install, or `n' to make changes (in which case we'll go round again, giving you your previous answers as defaults. (Y/n) |
Logically, you don't need an internet service provider (ISP) to send an e-mail to yourself --- you are here. Exim can deal with e-mails properly in such cases. In other words:
e-mails to an user on your machine (from your machine or from the outside of it) are delivered by your Exim.
e-mails from your machine to the outside of your machine are relayed to the SMTP (simple mail transfer protocol) server of your internet service provider (ISP), which delivers them.
e-mails from outside of your machine to the outside of your machine are rejected. This is important to prevent your machine from being abused by spammers.
Let's use eximconfig again, as root.
# eximconfig |
You already have an exim configuration. Continuing with eximconfig will overwrite it. It will not keep any local modifications you have made. If that is not your intention, you should break out now. If you do continue, then your existing file will be renamed with .O on the end. [---Press return---] |
==============================================================================
You must choose one of the options below:
(1) Internet site; mail is sent and received directly using SMTP. If your
needs don't fit neatly into any category, you probably want to start
with this one and then edit the config file by hand.
(2) Internet site using smarthost: You receive Internet mail on this
machine, either directly by SMTP or by running a utility such as
fetchmail. Outgoing mail is sent using a smarthost. optionally with
addresses rewritten. This is probably what you want for a dialup
system.
(3) Satellite system: All mail is sent to another machine, called a "smart
host" for delivery. root and postmaster mail is delivered according
to /etc/aliases. No mail is received locally.
(4) Local delivery only: You are not on a network. Mail for local users
is delivered.
(5) No configuration: No configuration will be done now; your mail system
will be broken and should not be used. You must then do the
configuration yourself later or run this script, /usr/sbin/eximconfig,
as root. Look in /usr/share/doc/exim/example.conf.gz
Select a number from 1 to 5, from the list above.
Enter value (default=`1', `x' to restart): |
============================================================================== What is the `visible' mail name of your system? This will appear on From: lines of outgoing messages. Enter value (default=`spice', `x' to restart): |
============================================================================== Does this system have any other names which may appear on incoming mail messages, apart from the visible name above (spice) and localhost? By default all domains will be treated the same; if you want different domain names to be treated differently, you will need to edit the config file afterwards: see the documentation for the "domains" director option. If there are any more, enter them here, separated with spaces or commas. If there are none, say `none'. Enter value (default=`none', `x' to restart): |
============================================================================== All mail from here or specified other local machines to anywhere on the internet will be accepted, as will mail from anywhere on the internet to here. Are there any domains you want to relay mail for---that is, you are prepared to accept mail for them from anywhere on the internet, but they are not local domains. If there are any, enter them here, separated with spaces or commas. You can use wildcards. If there are none, say `none'. If you want to relay mail for all domains that specify you as an MX, then say `mx' Enter value (default=`none', `x' to restart): |
============================================================================== Obviously, any machines that use us as a smarthost have to be excluded from the relaying controls, as using us to relay mail for them is the whole point. Are there any networks of local machines you want to relay mail for? If there are any, enter them here, separated with spaces or commas. You should use the standard address/length format (e.g. 194.222.242.0/24) If there are none, say `none'. You need to double the colons in IPv6 addreses (e.g. 5f03::1200::836f::::/48) Enter value (default=`none', `x' to restart): |
==============================================================================
You may want to filter out unsolicited commercial email, (UCE, also known
as spam). Unfortunately it is difficult keeping up with all the spamming
sites and abused relays.
The Realtime Blackhole List is a spam filter that someone else maintains
(see http://maps.vix.com/rbl/). They are very quick to add sites, so
if you bounce on this you may occasionally miss legitimate mail. Adding
a header is an alternative---then individual users can choose what to do
with RBL mail using their personal filter files.
Note that the RBL only works if you receive mail directly. If it is stored
for you at your ISP, the RBL won't work as it depends on the IP address the
connection comes from.
Would you like to use the RBL? ('f'ilter, 'r'eject, or 'n'o)?
Enter value (default=`n', `x' to restart): |
============================================================================== Which machine will act as the smarthost and handle outgoing mail? Enter value (`x' to restart): |
Names are localhost:spice! ============================================================================== Mail for the `postmaster' and `root' accounts is usually redirected to one or more user accounts, of the actual system administrators. By default, I'll set things up so that mail for `postmaster' and for various system accounts is redirected to `root', and mail for `root' is redirected to a real user. This can be changed by editing /etc/aliases. Note that postmaster-mail should usually be read on the system it is directed to, rather than being forwarded elsewhere, so (at least one of) the users you choose should not redirect their mail off this machine. Which user account(s) should system administrator mail go to ? Enter one or more usernames separated by spaces or commas . Enter `none' if you want to leave this mail in `root's mailbox - NB this is strongly discouraged. Also, note that usernames should be lowercase! Enter value (`x' to restart): |
============================================================================== You already have an /etc/aliases file. Do you want to replace this with a new one (the old one will be kept and renamed to aliases.O)? (y/n) Enter value (default=`y', `x' to restart): |
The following configuration has been entered: ============================================================================== Mail generated on this system will have `spice' used as the domain part (after the @) in the From: field and similar places. The following domain(s) will be recognised as referring to this system: localhost, spice Mail for postmaster, root, etc. will be sent to oohara. Local mail is delivered. Outbound remote mail is sent via fake.smtp.server. Is this OK ? Hit Return or type `y' to confirm it and install, or `n' to make changes (in which case we'll go round again, giving you your previous answers as defaults. (Y/n) |
Then, you must edit /etc/email-addresses by hand (as root). This is necessary for rewriting e-mail addresses in the header of e-mails.
# This file contains email addresses to use for outgoing mail. Any local # part not in here will be qualified by the system domain as normal. # # It should contain lines of the form: # #user: someone@isp.com #otheruser: someoneelse@anotherisp.com |
# This file contains email addresses to use for outgoing mail. Any local # part not in here will be qualified by the system domain as normal. # # It should contain lines of the form: # #user: someone@isp.com #otheruser: someoneelse@anotherisp.com oohara: oohara@libra.interq.or.jp |
That's all. Congratulations!. Try sending an e-mail to yourself without internet connection. Use "USERNAME@localhost" as a To: address, replacing USERNAME with your account name on your machine. (You may omit the "@localhost" part.) You can check the header of the e-mail to ensure that it didn't go outside of your machine.
Note that editing /etc/exim.conf must be done by root.
How can I deal with syntactically wrong mail addresses such as "From: oohara@"?
Edit the "MAIN CONFIGURATION SETTINGS" part of /etc/exim.conf .
# The setting below would, if uncommented, cause Exim to check the syntax of # all the headers that are supposed to contain email addresses (To:, From:, # etc). This reduces the level of bounced bounces considerably. # headers_check_syntax |
headers_check_syntax |
Why doesn't the IP address of the SMTP (simple mail transfer protocol) server of my internet service provider (ISP) work?
See the "ROUTERS CONFIGURATION" part of /etc/exim.conf .
# Send all mail to a smarthost smarthost: driver = domainlist transport = remote_smtp route_list = "* 666.666.666.666 bydns_a" |
# Send all mail to a smarthost smarthost: driver = domainlist transport = remote_smtp route_list = "* 666.666.666.666 byname" |
How can I rewrite USERNAME@localhost as well as USERNAME@HOSTNAME ?
Edit the "REWRITE CONFIGURATION" part of /etc/exim.conf .
# This rewriting rule is particularly useful for dialup users who
# don't have their own domain, but could be useful for anyone.
# It looks up the real address of all local users in a file
*@spice ${lookup{$1}lsearch{/etc/email-addresses}\
{$value}fail} bcfrF |
*@localhost ${lookup{$1}lsearch{/etc/email-addresses}\
{$value}fail} bcfrF |
# This rewriting rule is particularly useful for dialup users who
# don't have their own domain, but could be useful for anyone.
# It looks up the real address of all local users in a file
*@spice ${lookup{$1}lsearch{/etc/email-addresses}\
{$value}fail} bcfrF
*@localhost ${lookup{$1}lsearch{/etc/email-addresses}\
{$value}fail} bcfrF |
On a Debian system, Exim will run from inetd (8). This is dangerous because an attacker can stop Exim working by opening many (100 will be enough) connections to it, preventing it to handle any more connection.
You can avoid this attack by running Exim as a daemon. Edit the file /etc/inetd.conf as root.
#:MAIL: Mail, news and uucp services. smtp stream tcp nowait mail /usr/sbin/exim exim -bs |
#:MAIL: Mail, news and uucp services. #smtp stream tcp nowait mail /usr/sbin/exim exim -bs |
# /etc/init.d/exim start |
If you want to know how to use the command "exim", see the manual page.
$ man exim |
For a deadly serious user who wants to know everything about Exim, a complete specification of Exim is available. Install exim-doc-html with this command (as root)
# apt-get install exim-doc-html |
The Exim Home Page (http://www.exim.org) is also available.
If something is wrong with exim, it may be one of the known bugs.