category: debian Exim4 Light
Debian Exim4 (and more)
While pondering my ultimate LAN layout, I decided that my current set-up for mail handling was sub-par. I have a wide variety of POP3 and IMAP mailboxes, and also access them from a variety of places/systems. To access them individually is a mess, while always using the same machine to access is a pain.
To remedy this, I discovered fetchmail, which grabs mail from a location and injects it into the local mail system. This satisfied the problem of grabbing mail. However, the mail is all intermixed. By using filters (e.g. Exim's .forward file), mail can be sorted. In addition, mail can be filtered for spam (SpamAssassin) and viruses (ClamAV). To secure mail injection, we set up authentication (SMTP-Auth).
Now that we have mail delivery, we can set up methods of accessing it. By using (secure) IMAP, we can access all the mail from any client or location. In my case, I use Courier-IMAP as it is easy to integrate. In addition to standard IMAP access, providing secure WebMail can be done using SquirrelMail.
And because we're using Debian (sarge/testing), almost all of it is done for us.
Exim Choices
Since we're using Debian, all of our software can be installed via
apt. However, there is a choice to be made when installing Exim. Debian
provides two daemons: exim4-daemon-light and
exim4-daemon-heavy. The heavy daemon contains lots of
features that we will be using, but also much more.
In this tutorial, we'll be using the light daemon.
Configuring Exim4 (Light)
The light daemon (which is the default on a new system) only contains the minimal to have Exim running. It also includes a few extras to make plugging in our scanning easier. Install the daemon if its not already installed:
$ apt-get install exim4-daemon-light
The install will ask you some configuration choices. This tutorial will use the split configuration. If you ever need to re-do the config, run:
$ dpkg-reconfigure exim4-config
To have Exim use Maildir instead of mbox (which will be necessary
later), modify the file /etc/exim4/update-exim4.conf.conf
and add the following line:
dc_localdelivery='maildir_home'
Since mail is delivered to Maildirs, the system environment should be
modified to match this. First, modify the file /etc/login.defs
to change the following lines from:
#QMAIL_DIR Maildir/
MAIL_DIR /var/mail
#MAIL_FILE .mail
to
QMAIL_DIR Maildir/
#MAIL_DIR /var/mail
MAIL_FILE Maildir/
If you use PAM (you should be), modify the files
/etc/pam.d/ssh and /etc/pam.d/login to change
the following line in each from:
session optional pam_mail.so standard noenv
to
session optional pam_mail.so standard dir=~/Maildir
By changing the files, the default environment is set so applications can locate and use Maildirs instead of mboxes. Now restart Exim:
$ invoke-rc.d exim restart
Exim is now configured for Maildir support.
Configuring SpamAssassin
To perform spam checking, we'll use spamassassin.
(Install any other suggested packages if you like.) To integrate it with
Exim, we'll need also need sa-exim. First, install the
necessary packages:
$ apt-get install spamassassin razor sa-exim
By default sa-exim will not execute SpamAssassin, so
modify the file /etc/exim4/sa-exim.conf and remove the
following line:
SAEximRunCond: 0
There are many settings that can be made in the file. Make any settings for your system.
By default spamassassin does not start the
spamd daemon, so modify the file
/etc/default/spamassassin and change the following line
from:
ENABLED=0
to
ENABLED=1
Exim is now configured to check incoming mail for spam.
Configuring ClamAV
ClamAV TODO
Configuring SMTP-Auth
SASL TODO
Configuring SquirrelMail
To set up webmail, we'll need Apache2. If this is not done yet, see the Apache2+SSL tutorial.
TODO