[Exim] Overview/Beginner questions (quickies?)

Author: Derek Simkowiak
Date:  
To: exim-users
Subject: [Exim] Overview/Beginner questions (quickies?)
    I'm trying to move a Postfix setup to Exim. I've read through the
general sections of the manual, and skimmed the list archives, and am just
about ready to dive into building my configuration file.

    I've heard good things about the Exim community, so I'm hoping
that users can help me with any tips, tricks, or config snippets that I
should be aware of before I get started.  In short, I'm looking for a
little bit of hand-holding until my confidence and experience grow.  Even
just a "yes that is possible and has been done before" would be very
encouraging at this point.


    So here it is:


1. RPMs, anyone? I'm unable to find any RPMs of the 4.x series. I'm
looking for either a .src.rpm or a Mandrake 9.0 i386 with support for SMTP
AUTH "LOGIN" and OpenLDAP.

2. SMTP AUTH. I've read that Exim can use PAM directly for SMTP AUTH.
Where can I read about that kind of setup? (What config options, what
filename in /etc/pam.d/, is there a howto, etc.)

3. Misc.

    Here's a brief overview of my setup.  My domains and local users
are stored in an LDAP database.  I want to make it so that any AUTH'd user
can relay to wherever he pleases (no matter what I.P. he is coming from).
Other than that, Exim will receive mail for any local user (in the LDAP
database), but everything else is rejected.  (Pretty standard...?)


    Note that the LDAP server is also used by PAM; so the email
accounts are not just in LDAP, they are also "local" to the system via
PAM.


    Here are the tricky bits.  I want to use procmail as the Local
Delivery Agent for my local users, for two reasons:


1. It supports the Maildir format, which I need
2. It allows for advanced filtering through well-documented recipes

    Is there any problem with using procmail as the LDA in Maildir
mode (when the users are in LDAP and/or PAM)?


    Finally, here is the really tricky part.  This is what I could not
(so far) do with Postfix.  This server needs to support multiple domains,
AND each user needs to have a real Unix system account.  So what's the big
deal?  The big deal is that I need the system to allow for


dereks@???
dereks@???
[etc.]

    ...so the local username cannot just be "dereks", as that would
result in a namespace conflict.  The solution seems to be to have the
system usernames include the domain part, that is, the local Unix
usernames for the above are "dereks@???" and "dereks@???".
So far, it seems to work with all the server software I am using (except
Postfix).  Here's a sample SSH login:
----------------------------------------------------------------
login as: test@???
Sent username "test@???"
test@???@intranet.obfuscated.net's password: [LDAP Password]
-sh-2.05b$ whoami
test@???
-sh-2.05b$ echo stuff > a_file.txt
-sh-2.05b$ ls -la a_file.txt
-rw------- 1 test@??? users 6 Jan 2 17:18 a_file.txt
-sh-2.05b$
----------------------------------------------------------------


    The reason "why" for this insanity is filesystem-based features I
wish to offer, like Courier-IMAP's shared folders, DAV file sharing with
groups, and some other stuff (all with "Single Sign-On" in the LDAP
server).  But I want to support that for multiple domains, like an ISP.


    So the really big question is: is there any reason why local users
cannot have the form "user@???"?  It seems to me that I can just
define a direct LDAP search to look for the entire email address, instead
of using $local_part.  (Postfix is hard-coded to only use the stuff up to
the first '@' when looking for local users, and procmail cannot be used as
the LDA with Postfix's "virtual users".  Therefore, I'm stuck.  Plus Exim's
design and feature set is looking very attractive...)


    So, any suggestions, existing configs/snippets, hints, etc. are
greatly appreciated.  My desire is to contribute back to the list once I
have a better grasp of wtf I am doing.



Thank You,
Derek Simkowiak
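
The setup described in the message above, sketched as an Exim 4 configuration fragment. This is an added example, not part of the original post and not a configuration from the Exim project. The domain names, LDAP host, base DN, the `uid` attribute, the procmail path and the names `ldap_full_address` and `procmail_pipe` are assumptions, and a complete configuration also needs retry rules.

```conf
# Constructed example: hosts, DNs, attribute and driver names are assumptions.
domainlist local_domains = example.org : example.net
ldap_default_servers = ldap.example.org
acl_smtp_rcpt = acl_check_rcpt

begin acl
acl_check_rcpt:
  # Any authenticated sender may relay, whatever IP address it comes from.
  accept  authenticated = *
  # Everyone else: only recipients the routers below can resolve.
  accept  domains       = +local_domains
          verify        = recipient
  deny    message       = relay not permitted

begin routers
ldap_full_address:
  driver = accept
  domains = +local_domains
  # Search on the whole address rather than $local_part alone.
  # quote_ldap escapes filter metacharacters such as * ( ) \ so that a
  # crafted recipient address cannot change the meaning of the filter.
  condition = ${lookup ldap{ldap:///ou=people,dc=example,dc=org?uid?sub?\
              (uid=${quote_ldap:$local_part@$domain})}{yes}{no}}
  transport = procmail_pipe

begin transports
procmail_pipe:
  driver = pipe
  command = /usr/bin/procmail
  # Deliver as the Unix account whose name is the full address.
  user = $local_part@$domain
  return_path_add
  delivery_date_add
  envelope_to_add

begin authenticators
login:
  driver = plaintext
  public_name = LOGIN
  server_prompts = Username:: : Password::
  # Needs Exim built with SUPPORT_PAM; PAM is called with the service
  # name "exim" (/etc/pam.d/exim). Colons in the password are doubled
  # because the pam condition takes a colon-separated list.
  server_condition = ${if pam{$1:${sg{$2}{:}{::}}}{yes}{no}}
  server_set_id = $1
```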