Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Install and configure Exim4

Install Exim4

To install Exim4, run the following command:

sudo apt install exim4

Configure Exim4

To configure Exim4, run the following command:

sudo dpkg-reconfigure exim4-config

This displays a “wizard” user interface for configuring the software. For example, in Exim4 the configuration files are split amongst multiple files by default; if you wish to have them in one file you can configure this via the user interface.

All configurable parameters from the user interface are stored in the /etc/exim4/update-exim4.conf.conf file. To re-configure the software you can either re-run the wizard, or manually edit this file using your preferred editor.

Once you are finished, you can run the following command to generate the master configuration file:

sudo update-exim4.conf

The master configuration file is stored in /var/lib/exim4/config.autogenerated.

Warning:
You should never manually edit the master configuration file, /var/lib/exim4/config.autogenerated, because it is updated automatically every time you run update-exim4.conf. Any changes you make to this file will be lost during future updates.

Start the Exim4 daemon

The following command will start the Exim4 daemon:

sudo service exim4 start

SMTP authentication

Exim4 can be configured to use SMTP-AUTH with Transport Layer Security (TLS) and Simple Authentication and Security Layer (SASL).

First, enter the following into a terminal prompt to create a certificate for use with TLS:

sudo /usr/share/doc/exim4-base/examples/exim-gencert

Configure Exim4 for TLS by editing the /etc/exim4/conf.d/main/03_exim4-config_tlsoptions file and adding the following:

MAIN_TLS_ENABLE = yes

Next, configure Exim4 to use the saslauthd daemon for authentication by editing /etc/exim4/conf.d/auth/30_exim4-config_examples – uncomment the plain_saslauthd_server and login_saslauthd_server sections:

plain_saslauthd_server:
  driver = plaintext
  public_name = PLAIN
  server_condition = ${if saslauthd{{$auth2}{$auth3}}{1}{0}}
  server_set_id = $auth2
  server_prompts = :
  .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
  server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
  .endif

login_saslauthd_server:
  driver = plaintext
  public_name = LOGIN
  server_prompts = "Username:: : Password::"
  # don't send system passwords over unencrypted connections
  server_condition = ${if saslauthd{{$auth1}{$auth2}}{1}{0}}
  server_set_id = $auth1
  .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
  server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
  .endif

To enable outside mail clients to connect to the new server, a new user needs to be added into Exim4 by using the following commands:

sudo /usr/share/doc/exim4-base/examples/exim-adduser

Protect the new password files with the following commands:

sudo chown root:Debian-exim /etc/exim4/passwd
sudo chmod 640 /etc/exim4/passwd

Finally, update the Exim4 configuration and restart the service:

sudo update-exim4.conf
sudo systemctl restart exim4.service

Configure SASL

To configure saslauthd to provide authentication for Exim4, first install the sasl2-bin package by running this command at a terminal prompt:

sudo apt install sasl2-bin

To configure saslauthd, edit the /etc/default/saslauthd configuration file and set:

START=yes

Next, to make Exim4 use the saslauthd service, the Debian-exim user needs to be part of the sasl group:

sudo adduser Debian-exim sasl

Finally, start the saslauthd service:

sudo service saslauthd start

Exim4 is now configured with SMTP-AUTH using TLS and SASL authentication.

References

Previous Install Dovecot Next Printing: Set up a CUPS print server

This page was last modified 10 months ago. Help improve this document in the forum.