#StackBounty: #debian #email #smtp #exim Complete setup of Exim4 as SMTP to reach most inboxes as possible (correct configuration)

Bounty: 200

I have over the last days tried to setup Exim4 to handle all mails sent from a web application.

It seems to be working, but I haven’t found out how to hardcode the hostname which will be sent with EHLO? (I don’t want to set /etc/hostname)

Have found the variable MAIN_HARDCODE_PRIMARY_HOSTNAME mentioned in the config but havn’t found a way to set it. Is this variable the simplest way to set the hostname or is there a better way to do it?

Below is the complete install/config.. Am I missing something?

Exim version 4.92
Debian Buster 10

Install

apt-get install exim4-daemon-light

Configure Exim4

dpkg-reconfigure exim4-config

Type:           internet site
FQDN:           smtp.mydomain.com
SMTP listener:      (empty)
Mail destinations:  (empty)
Domain relay:       (empty)
Machine relay:      (empty)
DNS queries minimal:    No
Delivery method:    Maildir
Split conf files:   No

Enable TLS and generate certs

printf "MAIN_TLS_ENABLE = truen" >> /etc/exim4/exim4.conf.localmacros
/usr/share/doc/exim4-base/examples/exim-gencert

check reverse DNS (IP -> smtp.mydomain.com)

https://mxtoolbox.com/ReverseLookup.aspx

Get IPv6

ip -6 addr | grep inet6 | awk -F '[ t]+|/' '{print $3}' | grep -v ^::1 | grep -v ^fe80

/etc/hosts

[ipv4]  smtp.mydomain.com
[ipv6]  smtp.mydomain.com

uncomment in ‘/etc/exim4/exim4.conf.template’

# plain_server:
# driver = plaintext
# public_name = PLAIN
# server_condition = "${if crypteq{$3}{${extract{1}{:}{${lookup{$2}lsearch{CON$
# server_set_id = $2
# server_prompts = :
# .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
# server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
# .endif

add user/pass -> ‘/etc/exim4/passwd’

/usr/share/doc/exim4-base/examples/exim-adduser

DKIM/SPF

I have setup DKIM keys on the server and DKIM/SPF on DNS and both works


Get this bounty!!!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.