(forw) Re: [Exim] Newbie Exim docs we talked about....

Top Page
Delete this message
Reply to this message
Author: patrick
Date:  
To: Philip Hazel
CC: exim-users
Subject: (forw) Re: [Exim] Newbie Exim docs we talked about....
----- Forwarded message from patrick@??? -----
Given that I'm no expert, perhaps others would like to comment on this
installation approach.


From: patrick@???
Date: Fri, 31 Aug 2001 12:14:17 +0000
Subject: Re: [Exim] Newbie Exim docs we talked about....

#! On Thu, Aug 30, 2001, Chris Seberino wrote:

Hi Chris,

As someone who has just been through a lot of exim muddles, perhaps I
can contribute here. I messed up my exim setup while moving /opt to a
new partition. So this morning I was able to try out your guide. It
works but needs a little changing patricularly for routers info.

>not a guru email manager. Remember this was
>intentional.)
>i

First step: offer a default installation. Its great that you can tweak
everything but for goodness sake lets allow for people who break stuff
when they tweak.

Suggested first instruction for default setup:
groupadd exim_mail
useradd exim_mail - d /dev/null -s /bin/false -g exim_mail
mkdir -p /var/spool/mail
chown exim_mail /var/spool/mail
chmod 1777 /var/spool/mail
mkdir -p /var/log/exim
chown exim_mail /var/log/exim
chmod 1777 /var/log/exim

If there was a sed command that would extract the UID and GID from
/etc/passwd that would be great but otherwise...

"From /etc/passwd please copy the UID and GID for exim_mail and enter them
below"

>Q1. Is the EXIM_UID & EXIM_GID trick to avoid always running
>as root useful/necessary if only running Exim as a client?
>As far as I can tell there is no security risk with email if one
>is NOT running exim daemon in background to RECEIVE emails.
>
>Q2. Will exim default to using syslog with this minimal
>Makefile or is "LOG_FILE_PATH=syslog" necessary? If
>we don't use syslog then newbies need to rotate log files
>which may give them a heart attack.


Most newbies know how to tail -f a log but find all the info in syslog
confusing. Why not use a dedicated folder?

>
>Q3. Are all the DIRECTOR_*own exim /var/spool/mail

chmod 1777 /var/spool/mailvariables in Makefile
>absolutely necessary for client usage of exim???
>Please explain their use in few sentences if so.
>Is it possible to remove some or all?
>What about LOOKUP_DBM and LOOKUP_LSEARCH???
>Can you explain what *clients* need this for if necessary?


It OK to have stuff in with a header that says "You don't need to
understand this. It just works. If you are insterested, read chapters
17,18, 34, 35 amd 42 of the manual." Or some suuch discouraging note
over the essential but incomprehensible stuff.
>
>Q4: SPOOL_MODE=0600, LOG_DIRECTORY_MODE=0600
>    MSGLOG_DIRECTORY_MODE=0700 and
>    SPOOL_DIRECTORY_MODE=0700 all OK???
>    Can we get away with making all this stuff
>    NOT be group/world readable??? 
>    i.e. Will my 600s and 700s work????

>


No these don't work. If you do this, other users are denied access to
their mail. 1777 works.

>
>1. Uncompress and untar Exim sources:
>
>    tar xvfz exim-<version>.tar.gz.

>
>2. Place the following in <path to source directory>/Local/Makefile, a new file in a new directory under the source directory:
>
>BIN_DIRECTORY=/usr/exim/bin
>CONFIGURE_FILE=/usr/exim/configure
>
>DIRECTOR_ALIASFILE=yes
>DIRECTOR_FORWARDFILE=yes
>DIRECTOR_LOCALUSER=yes
>DIRECTOR_SMARTUSER=yes
>
>LOOKUP_DBM=yes
>LOOKUP_LSEARCH=yes
>
>ROUTER_DOMAINLIST=yes
>ROUTER_LOOKUPHOST=yes
>
>SPOOL_DIRECTORY=/var/spool/exim
>SPOOL_MODE=0640
>
>SUPPORT_TLS=yes
>TLS_LIBS=-lssl -lcrypto
>
>TRANSPORT_APPENDFILE=yes
>TRANSPORT_AUTOREPLY=yes
>TRANSPORT_PIPE=yes
>TRANSPORT_SMTP=yes
>


This /must/ have the routers in or else exim doesn't work.
>3. Execute the following as root:
>


BIN_DIRECTORY=/opt/bin
CONFIGURE_FILE=/etc/exim.conf

CHOWN_COMMAND=/bin/chown
CHGRP_COMMAND=/bin/chgrp
MV_COMMAND=/bin/mv
RM_COMMAND=/bin/rm
PERL_COMMAND=/usr/bin/perl
COMPRESS_COMMAND=/bin/gzip
COMPRESS_SUFFIX=gz
CYCLOG_MAX=10
ZCAT_COMMAND=/opt/gnu/bin/zcat:x


LIBS=-L/opt/lib
INCLUDE=-I/opt/include

EXIM_UID=1001
EXIM_GID=12

LOG_FILE_PATH=/var/log/exim/exim_%slog

DIRECTOR_ALIASFILE=yes
DIRECTOR_FORWARDFILE=yes
DIRECTOR_LOCALUSER=yes
DIRECTOR_SMARTUSER=yes

LOOKUP_DBM=yes
LOOKUP_LSEARCH=yes

ROUTER_DOMAINLIST=yes
ROUTER_IPLITERAL=yes
ROUTER_LOOKUPHOST=yes
ROUTER_QUERYPROGRAM=yes

SPOOL_DIRECTORY=/var/spool/mail
SPOOL_MODE=0640

TRANSPORT_APPENDFILE=yes
TRANSPORT_AUTOREPLY=yes
TRANSPORT_PIPE=yes
TRANSPORT_SMTP=yes



----- End forwarded message -----

--

Patrick "sig free and joyful"" Kirk

GSM: +44 7876 560 646
ICQ: 42219699