On Mon, Jul 16, 2007 at 03:07:00PM +0200, Steven Lobbezoo wrote:> However, I still have some problems configuring exim4 properly. > If you''re not into that day-to-day, its very complicated.Yes. E-Mail is rocket science.> Now, my setup is quite simple and common (i think), so there must be > a -sample- config file somewhere i can use.It might be common, but it is not simple at all.> I have local user on my system. > I have remote users, Using KMail or Evolution, that I want to use Login > or something like that. The remote users all have a local account!I advise against using system accounts for e-mail authentication. My reasoning is documented in README.Debian. There is also documentation about how to do this if you insist.> A nice to have would be some spam-filtering.I believe that the Debian spamassassin packages have documentation about how to use exim''s content scanning feature to interface with spamassassin. If not, there is some documentation on the upstream wiki.> Does anyone have a tip where I can find such a config file.Never ever use an exim configuration that you do not fully understand. Don''t use random tips googled for on the internet until you understand what they do. Read the available docs, and ask smart questions (your question was not all _that_ bad).> If I use the standard Debian scripts with dpkg, I allways end up with > a non-usable system,That''s not smart. What does not work?> or an completely open system.If you use SMTP AUTH, you do not need to allow relaying from specified IP addresses. SMTP AUTH is completely independent of that. Just leave the answer to the debconf question about which networks to relay for empty. Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don''t trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190
Hi, Forced by a hacker i just completely re-installed our server. (In principal exim4, MySQL 5 and Apache2). All works fine. However, I still have some problems configuring exim4 properly. If you''re not into that day-to-day, its very complicated. Now, my setup is quite simple and common (i think), so there must be a -sample- config file somewhere i can use. I have local user on my system. I have remote users, Using KMail or Evolution, that I want to use Login or something like that. The remote users all have a local account! I need for my users to be able to send mail anywhere in the world. I need to receive mail for my users (local), and only them. No relaying! A nice to have would be some spam-filtering. Does anyone have a tip where I can find such a config file. If I use the standard Debian scripts with dpkg, I allways end up with a non-usable system, or an completely open system. I have 7 domains on my server. It''s allways connected to the internet. Any help would be greatly appriciated. Steven
Le lundi 16 juillet 2007 14:19, Marc Haber a ?crit?:> On Mon, Jul 16, 2007 at 03:07:00PM +0200, Steven Lobbezoo wrote: > > However, I still have some problems configuring exim4 properly. > > If you''re not into that day-to-day, its very complicated. > > Yes. E-Mail is rocket science.Could not agree more> > > Now, my setup is quite simple and common (i think), so there must be > > a -sample- config file somewhere i can use. > > It might be common, but it is not simple at all. > > > I have local user on my system. > > I have remote users, Using KMail or Evolution, that I want to use Login > > or something like that. The remote users all have a local account! > > I advise against using system accounts for e-mail authentication. > My reasoning is documented in README.Debian. There is also > documentation about how to do this if you insist.Well, i have to, since these users all work in the company, and have other apps they use on the server to.> > > A nice to have would be some spam-filtering. > > I believe that the Debian spamassassin packages have documentation > about how to use exim''s content scanning feature to interface with > spamassassin. If not, there is some documentation on the upstream wiki.OK, il'''' read that> > > Does anyone have a tip where I can find such a config file. > > Never ever use an exim configuration that you do not fully understand. > Don''t use random tips googled for on the internet until you understand > what they do. Read the available docs, and ask smart questions (your > question was not all _that_ bad). > > > If I use the standard Debian scripts with dpkg, I allways end up with > > a non-usable system, > > That''s not smart. What does not work? > > > or an completely open system. >Either : no mail is accepted (all kinds of messages, but mainly : no relaying or : I cannot login anymore.> If you use SMTP AUTH, you do not need to allow relaying from specified > IP addresses. SMTP AUTH is completely independent of that. Just leave > the answer to the debconf question about which networks to relay for > empty.OK, but ... HOW to enable SMTP-AUTH. I tried to put the following line in update........: AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS=''true'' But, no dice. The system never accepts any login method. I can only access it if I accept all and everything. And also : The problem is a bit more complicated : If a message comes from one of my users -> relay is ok If it comes from someone else -> only my users are acceptable.> > Greetings > MarcThanks, Steven
On Mon, Jul 16, 2007 at 05:05:59PM +0200, Steven Lobbezoo wrote:> Le lundi 16 juillet 2007 14:19, Marc Haber a ?crit?: > > I advise against using system accounts for e-mail authentication. > > My reasoning is documented in README.Debian. There is also > > documentation about how to do this if you insist. > Well, i have to, since these users all work in the company, and have other > apps they use on the server to.And they insist on storing the password that gives access to all of these shiny apps in their mail client?> > If you use SMTP AUTH, you do not need to allow relaying from specified > > IP addresses. SMTP AUTH is completely independent of that. Just leave > > the answer to the debconf question about which networks to relay for > > empty. > OK, but ... HOW to enable SMTP-AUTH. I tried to put the following line > in update........: > AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS=''true'' > But, no dice. The system never accepts any login method.The server authenticators are commented out by default. Enable those you want to use by removing the comment sign. And, since you operate the server, and you are using system account passwords, do NOT (repeat NOT) allow unencrypted passwords. It is bad enough to have them stored on the clients, have them encrypted in transit. Please. http://pkg-exim4.alioth.debian.org/README/README.Debian.html#smtp-auth should give more advice. That file is also in the package, waiting to be read. Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don''t trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190