Server :: Exim Smarthost With DKIM - Configuration Files
May 13, 2010
My employer has started the process of certification with Return Path, and I've been roped in to setting up DKIM, SPF, SenderID etc. so that we are compliant with the certification requirements. Our current e-mail server is qmail, and I'm really not too keen on messing about with the configuration files there. As a safer alternative, I've decided to set up a smarthost relay that only does the DKIM signing. I tried and gave up on Postfix - struggled with understanding the configuration files - and eventually found Exim.
Now, I've got the relaying working perfectly so far. I am NOT running an open relay, my smarthost is configured to only accept SMTP connections from the existing mailserver, and not publicly accessible anyway. The problem I'm having is figuring out exactly where in exim's configuration file I am supposed to configure the DKIM signing options. I've read the official exim documentation and I'm fairly sure about the syntax, I just can't figure out where the options go.
I'm in the process of starting a migration from an old postfix server to a nice shiny new exim server, however there are a few things I'm really not clear on and I'm hoping that someone here could point me in the correct direction. Okay, the postfix server at the moment does the following (I'll try and keep this simple):
* accepts incoming mail for users on multiple domains and puts the mail in the users mailbox ( external -> internal )
* accepts mail from users on multiple domains to pass on to the outside world ( internal -> external )
Obviously the POP and IMAP functions are handled by other daemons. I'd like to replicate this sort of setup on the new exim box, however the guides I can find only help with configuring the exim system for incoming mails ( external -> internal ) for multiple domains and I can't seem to find a guide that would indicate how to do both ( internal -> external and external -> internal ) on one box. I'm guessing I may have to do some sort of auth to get exim to accept and then handle the internal -> external side of things?
I cannot get exim4 to actually deliver any "local delivery only; not on a network". But whatever I do in the config, all mail gets frozen with entries in the log file like: "root@empty R=nonlocal: Mailing to remote domains not supported". Maybe the problem is that there is no fqdn for the computer (and will never be). How can I enable local mail delivery?
I work for a university institute and administrate its servers "incidentally". Currently I am putting some work into our mail server configuration (sendmail 8.13.1 with amavisd-new-2.6.4). Recently I got amavis to verify DKIM signed mails. Now my plan was to sign outgoing emails ourselves. This is what I have done (I replaced some names for privacy reasons):
I created a private key:
Code:
/usr/local/amavisd/amavisd genrsa /var/dkim/SEL1_DKIMkey.pem
Changed permissions for the user running amavis:
Code:
chown -R vscan.vscan /var/dkim/ && chmod -R 700 /var/dkim
Edited my /etc/amavisd.conf:
[Code]....
Send Testmails to sa-test@sendmail.net and check-auth@verifier.port25.com . They automatically create answer mails considering signature information.
Send emails to my external account at some other provider.
The problem is that amavis is not signing the mails. Both automatic test emails reported that the mail had not been signed. The mail to my external account also did not contain any DKIM information.
"My" system:
Code:
# uname -r & cat /etc/issue
2.6.9-89.0.11.ELsmp
Red Hat Enterprise Linux AS release 4 (Nahant Update 8)
I have been following this guide (I went through it twice actually): [URL] Since bellsouth blocks port 25 (except to their smarthost) I set up postfix with the option "internet site with smarthost" (not sure if that was exact wording). The final goal of this is to set up a couple mailing lists. When I try to test it I get:
Code:
joel@themis:~$ telnet localhost 25
Trying ::1...
Connected to localhost.
Escape character is '^]'.
Has anyone got sendmail to connect to Rackspace using smarthost? I've set up rackspace as a smarthost in my sendmail.cf. I have an authinfo in my /etc/mail directory. It connects to smtp.emailsrvr.com (rackspace server) but I get the 'service unavailable' in the maillog. Rackspace says that they can see me sending mails but that they're not seeing the login and password. Not sure if they're right about that or not.
I am trying to make my webserver a well respected email sender and it appears to me that using DKIM is something I need to do.
I have no experience with this and would like to know if anyone thinks there are issues that I should be aware of before going down this path.
Also, I have not been able to find any good, STEP BY STEP, documentation on how to set up DKIM with Sendmail.
I am also not sure if you need a certain network configuration for DKIM to work...this is what I am working with:
My webserver (centos 5.3, sendmail 8.13.8) sends outgoing mail and has a valid reverse DNS that matches a forward DNS. The MX records for my webserver's domain point to a third party email provider who handles the incoming mail for that domain. I added an spf record that signifies that my webserver is authorized to send mail for mydomain.
Exim: Is there a way to block commands when someone telnets to exim's port? Email won't send out unless they authenticate, but is there a way to totally block them from typing altogether, but still allow the server to receive email? IE, to block this:
I have exim set up on squeeze to run as an "internet site". Outgoing mail works fine but it seems to just ignore incoming smtp requests on port 25. I can see the incoming connection via tcpdump but exim doesn't seem to talk. If I connect via telnet it rather quickly says connection refused. Is there something additional I need in the Exim conf?
I run a mailserver and this is bothering me quite a bit. Been going on for about a month now. Running exim4 and dovecot with exim4u.
This message was created automatically by mail delivery software. A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:
dsghjytyt@yahoo.com retry time not reached for any host after a long failure period
This is a copy of the message, including all the headers.
Return-path: <andreas@servar.net>
Received: from ip-81-210-201-120.unitymediagroup.de ([81.210.201.120] helo=holly5) by gwdebian.net with esmtpa (Exim 4.72) (envelope-from <andreas@servar.net>) id 1QWpUO-0000yy-ML for dsghjytyt@yahoo.com; Wed, 15 Jun 2011 14:46:32 +0200
MIME-Version: 1.0
Date: Wed, 15 Jun 2011 14:44:16 +0200
X-Priority: 3 (Normal)
Content-Type: text/plain; charset="iso-8859-1"
Subject: =?iso-8859-1?Q?lizzie_VIAGRA_=C2=AE_-61%_discount?=
Content-Transfer-Encoding: quoted-printable
From: andreas@servar.net
Reply-To: "RE: Your Recent Job" <Posting>
To: dsghjytyt@yahoo.com
X-Mailer: Microsoft Outlook Express 6.00.2900.2180
Message-ID: <CHILKAT-MID-3b7cf1d5-b3e7-3d78-5c1d-713c0e381cb9@holly5>
X-Antivirus: avast! (VPS 110615-0, 15.06.2011), Outbound message
X-Antivirus-Status: Clean
X-Scanned-By: unscanned primary on gwdebian.net (109.108.198.243); Wed, 15 Jun 2011 14:46:32 +0200
Then a lot of random text
I run OSX on my everyday computer so this is not me sending out stuff since the above mail says Microsoft Outlook Express has sent it (?) Running a Debian Squeeze server. And I really don't get any other spam due to exim4u setup and spamassassin.
I'm trying to follow the exim documentation to allow suffixes on mailboxes for all users. For example, if user@domain is a mailbox, I want all mail directed to user-*@domain to be delivered user@domain. I've got the split-config-files option and have edited /etc/exim4/conf.d/router/600 to include local_part_suffix lines as follows:
I am trying to set up a sendmail server on my dedicated server. It was pre-configured to use exim from cpanel. Is it possible to use exim for all emails from a certain domain I set up on the server and sendmail for others?
ex.
domain1.com -> exim
domain2.com -> sendmail
If it is possible, can someone let me know how I would go about doing this? If it is not, how would I disable exim and use sendmail for all mail?
I was asking how to build a CentOS Exim mail server & guarantee that all mail messages will be delivered to the hotmail inbox? Hotmail said that it will only accept 500 simultaneous connections (=500 messages) to its mail servers from only one IP address, so is there an exim option that I can use to limit messages that are sent through the mail server to hotmail to be sent as 500 messages, then send another 500 & so on?
I am getting a '+' symbol (-rw-r-----+) while viewing the file permissions of exim_mainlog files. What is the reason for this '+' symbol?
-rw-r-----+ 1 mailnull mail 648448492 Jun 25 10:27 exim_mainlog
Mails are not going out of the queue. Removed all frozen mails and tried to flush queue using exim -qf command. Also checked queue after restarting exim. Still messages are not going out of the queue.
We moved over from Cpanel using Exim. I was wondering if anyone knew of a way to convert the mail so when a user logs in they get to all their mail in their folders. I notice exim has a ton of folders while postfix creates files that act like folders which contain all the emails. I sent up 1 of the emails into the our mail folder that was created by Exim and it can be subscribed to in Outlook with imap but the emails inside don't show up. They both appear as text files so I don't know what the difference is.
I'm using CentOS 5 with WHM & exim 4, & when I configured exim to use gmail as an outgoing mail server I got this error:
Code:
2010-10-13 20:20:33 1P64vN-0002h0-7v ** email@domain.com R=send_via_gmail T=gmail_smtp: SMTP error from remote mail server after MAIL FROM: SIZE=5387: host gmail-smtp.l.google.com [**.**.**.**]: 530-5.5.1 Authentication Required. Learn more at 530 5.5.1 [URL]
Only debian solutions & paths that don't exist in my servers.
I want to set up Exim to only allow sending mail from the localhost and externally with Plain authentication. I know I should use TLS but not all software supports TLS. I want Exim to use its own userpass file, not the local system. I have spent a few days trying to get this set up; so far I have followed this: [URL].... But unsure what to change to remove the need for TLS.
I have 3 IP addresses on my VPS and I need to change the exim configuration to listen only on one IP address. The VPS has WHM and Cpanel installed. I changed the interface in the exim configuration to my IP.
to avoid automatic start of this mail server (I use qmail). After several months, I did a reboot and exim is started! Looking at the history, I found this command:
Quote: dpkg-reconfigure exim4-config
Maybe this command has restored the init script of exim?
LDAP is endlessly not working, due to difficulties to simply configure it. I even cannot make the first steps of the installations ... It seems so difficult ... After many howto, wiki, reading, re-reading the errors are still there, always different, and not working. Is there an admin, coming from hell, that made running a LDAP server for sharing the basic configuration files /var.. /etc... of a working LDAP Server in a tar.gz?
In my system, I see two syslog configuration files, /etc/rsyslog.conf and /etc/syslog.conf. What is the use of each file? I know only that of /etc/syslog.conf... How about /etc/rsyslog.conf? What is its use?
I have a RHEL 4.5 with Postfix 2.2.10 configured as a smart host for an Exchange 2003 server. It's been running well for three years like this. We have some users that are configured with alternate SMTP addresses for a secondary email domain in Exchange. One user is not getting his email for the secondary SMTP. All the others are. After some digging, the maillog indicates Postfix is not relaying his email to Exchange but to the Postfix local mail folder under /var/spool/mail. What in the configuration would cause this? His email is in the relay_recipients file as the others are.
I have been reading the official OpenLDAP configuration files, plus a bunch of other websites, but I cannot find the literal meaning for the following short names: