Exim Alternative

Aus Xinux Wiki
Zur Navigation springen Zur Suche springen

Mailserver Setup mit Exim4 + Dovecot (Maildir, TLS, LMTP)

Alte Mailserver entfernen

  • systemctl stop postfix exim4 dovecot || true
  • apt purge -y postfix exim4 exim4-base exim4-config exim4-daemon-light exim4-daemon-heavy dovecot-core dovecot-imapd dovecot-lmtpd
  • apt autoremove -y
  • apt autoclean
  • rm -rf /etc/postfix
  • rm -rf /etc/exim4
  • rm -rf /etc/dovecot
  • rm -rf /var/spool/postfix
  • rm -rf /var/spool/exim4
  • rm -rf /var/spool/exim4/private
  • rm -rf /etc/exim4/conf.d/master

Grundvariablen setzen

  • FQDN=$(hostname -f)
  • DOM=$(hostname -d)

Exim Verzeichnisse vorbereiten

  • mkdir -p /var/spool/exim4/private
  • chown Debian-exim:Debian-exim /var/spool/exim4/private
  • chmod 750 /var/spool/exim4/private

Maildir für neue Benutzer

  • mkdir -p /etc/skel/Maildir/{cur,new,tmp}
  • grep -q MAILDIR /etc/skel/.bashrc || echo 'export MAIL=$HOME/Maildir' >> /etc/skel/.bashrc

Pakete installieren

  • apt update
  • DEBIAN_FRONTEND=noninteractive apt install -y exim4 dovecot-core dovecot-imapd dovecot-lmtpd mailutils

Exim Grundkonfiguration

dc_eximconfig_configtype='internet'
dc_other_hostnames='$FQDN:$DOM'
dc_local_interfaces='0.0.0.0'
dc_readhost=''
dc_relay_domains=''
dc_minimaldns='false'
dc_relay_nets=''
dc_smarthost=''
dc_use_split_config='true'
dc_hide_mailname=''
dc_mailname_in_oh='true'
dc_localdelivery='maildir_home'

Exim TLS konfigurieren

tls_certificate = /etc/ssl/own.crt
tls_privatekey  = /etc/ssl/own.key

SMTPS aktivieren

daemon_smtp_ports = 25 : 465
tls_on_connect_ports = 465

Exim Konfiguration übernehmen

  • update-exim4.conf
  • systemctl restart exim4

Dovecot Maildir

mail_driver = maildir
mail_home = /home/%{user | username}
mail_path = %{home}/Maildir

Dovecot TLS

ssl = yes
ssl_server_cert_file = /etc/ssl/own.crt
ssl_server_key_file = /etc/ssl/own.key
ssl_min_protocol = TLSv1.2

Dovecot Dienste

service imap-login {
  inet_listener imap {
  }

  inet_listener imaps {
  }
}

service lmtp {
  unix_listener /var/spool/exim4/private/dovecot-lmtp {
    mode = 0600
    user = Debian-exim
    group = Debian-exim
  }
}

service auth {
  unix_listener /var/spool/exim4/private/auth {
    mode = 0660
    user = Debian-exim
    group = Debian-exim
  }
}

TLS Zertifikat

-----BEGIN CERTIFICATE-----
MIIFDzCCAvegAwIBAgIUNoGnreAwkoQqp3TK/ARqG9YzCFgwDQYJKoZIhvcNAQEL
BQAwETEPMA0GA1UEAwwGY2EuY3J0MB4XDTI1MDYyNjA3MTcxMFoXDTI3MDYyNjA3
MTcxMFowFjEUMBIGA1UEAwwLKi5pdDIxMy5pbnQwggIiMA0GCSqGSIb3DQEBAQUA
A4ICDwAwggIKAoICAQCOXnGlGRDzo8m/BgNa+oW5h6e6lwYQIrkECVEXlJhqP9bw
...
KT89
-----END CERTIFICATE-----

TLS Private Key

-----BEGIN PRIVATE KEY-----
MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQCOXnGlGRDzo8m/
...
N1h5
-----END PRIVATE KEY-----

Dienste starten

  • systemctl restart exim4
  • systemctl restart dovecot
Abgerufen von „http://wiki.ixheim.de/index.php?title=Exim_Alternative&oldid=67552