Another late night trying to configure that Debian exim4 thingy…
I want to send email from Thunderbird using my Debian box as an SMTP relay.
The mailserver (exim4) will refuse to relay anything to an external domain if you’re not properly authenticated.
So here’s what I had to do (and thank God it finally works):
- Cleaned up my
/etc/exim4/exim4.conf.template
as previously discussed. - Generated SSL keys for TLS to use with
/usr/share/doc/exim4-base/examples/exim-gencert
- Activated TLS by writing
MAIN_TLS_ENABLE = true
into a file called/etc/exim4/exim4.conf.localmacros
- Activated authentication based on the courier-imap daemon I was already using for IMAP: in
/etc/exim4/exim4.conf.template
there is a section called AUTHENTIFICATION CONFIGURATION. In there I had to uncomment the blocks namedplain_courier_authdaemon
andlogin_courier_authdaemon
. I'm not really sure why I uncommented both, but... it works. - There I found out (later) that I needed to allow exim to access the courier-imap socket or my
/var/log/exim4
wouls state this:login_courier_authdaemon authenticator failed for xxx: 435 Unable to authenticate at present (set_id=yyy): failed to connect to socket /var/run/courier/authdaemon/socket: Permission denied
This can be solved by adding the right user to the rigth group:usermod -G daemon Debian-exim
. I'm not sure about how good/secure/clean this is, but it works. Comments welcome ;) - Regenerated the exim4 config with
update-exim4.conf
- Restarted exim with
/etc/init.d/exim4 restart
. I'm not sure this is needed, but it won't hurt...
Sometimes I wish I still had dear/hated old PLESK environment… :roll:
Bonus feature: make those sendings faster!
When you are connecting to the SMTP relay from behind a NAT firewall, there is a fairly high chance that the SMTP will try to RFC-1413 ident you but the firewall will drop the request. So the mailserver will wait for a response until it times out.
Exim4 does exactly that with a 30 second timeout. Which makes sending mails frustrating at best.
In /etc/exim4/exim4.conf.template
there is a section about RFC 1413. Make sure you have this line:
rfc1413_query_timeout = 0s(Zero seconds, means: do not bother wasting time on ident).
Comments from long ago:
Comment from: Pergu
usermod -G daemon Debian-exim. did the trick for me Thanx.
2011-01-24 08-04
Comment from: Tim-Hinnerk Heuer
Thanks man! This saved my headache tonight.
2011-01-30 10-50