[exim] www.rellits.com ssl tutorial worked for courier, but…

Top Page
Delete this message
Reply to this message
Author: Tommy Butler
Date:  
To: exim-users
New-Topics: Re: [exim] w.rellits.com ssl tutorial worked for courier, but not exim
Subject: [exim] www.rellits.com ssl tutorial worked for courier, but not exim
Using the great tutorial/howto for self-signed SSL certs to use with
courier MTA and courier IMAP MTA worked just great! Only problem is
that exim doesn't work with the certs. I'm using exim4. Does the howto
at http://www.rellits.com/rellits/exim.html only work for exim3?? What
am I doing wrong?

My exim file is pasted in below my signature line...

Tommy Butler
tommy@??? <mailto:tommy@atrixnet.com>

$ cat /var/lib/exim4/config.autogenerated
#########
# WARNING WARNING WARNING
# WARNING WARNING WARNING
# WARNING WARNING WARNING
# WARNING WARNING WARNING
# WARNING WARNING WARNING
# this file is generated dynamically from the files in
# CONFDIR/conf.d/ or /etc/exim4/exim4.conf.template respectively and
# /etc/exim4/update-exim4.conf.conf
# Any changes you make here will be lost.
# See /usr/share/doc/exim4-base/README.Debian.gz and update-exim4.conf(8)
# for instructions of customization.
# WARNING WARNING WARNING
# WARNING WARNING WARNING
# WARNING WARNING WARNING
# WARNING WARNING WARNING
# WARNING WARNING WARNING
#########

exim_path = /usr/sbin/exim4

CONFDIR = /etc/exim4

domainlist local_domains =
@:cityairlines.net:localhost:cityairlines.net:casino-airlines.com:casinoairlines.net

domainlist relay_to_domains = *

hostlist relay_from_hosts = 127.0.0.1 : ::::1 :

qualify_domain = cityairlines.net

.ifndef DCreadhost
DCreadhost =
.endif

.ifndef DCsmarthost
DCsmarthost =
.endif

local_interfaces = 127.0.0.1:206.123.72.157

LOCAL_DELIVERY=maildir_home

gecos_pattern = ^([^,:]*)
gecos_name = $1

DCconfig_internet = 1

acl_smtp_rcpt = acl_check_rcpt

acl_smtp_data = acl_check_data

.ifdef MESSAGE_SIZE_LIMIT
message_size_limit = MESSAGE_SIZE_LIMIT
.endif

.ifndef DC_minimaldns
host_lookup = *
.endif

rfc1413_hosts = *
rfc1413_query_timeout = 30s

ignore_bounce_errors_after = 2d

timeout_frozen_after = 7d

freeze_tell = postmaster

.ifndef SPOOLDIR
SPOOLDIR = /var/spool/exim4
.endif
spool_directory = SPOOLDIR

trusted_users = uucp

begin acl

acl_whitelist_local_deny:
  accept hosts = ${if exists{CONFDIR/local_host_whitelist}\
                        {CONFDIR/local_host_whitelist}\
                        {}}
  accept senders = ${if exists{CONFDIR/local_sender_whitelist}\
                        {CONFDIR/local_sender_whitelist}\
                        {}}


acl_check_rcpt:
accept hosts = :

  deny    domains       = +local_domains
          local_parts   = ^[.] : ^.*[@%!/|]
          message       = restricted characters in address


  deny    domains       = !+local_domains
          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
          message       = restricted characters in address


  accept local_parts = postmaster
         domains = +local_domains


  deny message = sender envelope address $sender_address is locally 
blacklisted here. If you think this is wrong, get in touch with postmaster
       !acl = acl_whitelist_local_deny
       senders = ${if exists{CONFDIR/local_sender_blacklist}\
                             {CONFDIR/local_sender_blacklist}\
                             {}}


  deny message = sender IP address $sender_host_address is locally 
blacklisted here. If you think this is wrong, get in touch with postmaster
       !acl = acl_whitelist_local_deny
       hosts = ${if exists{CONFDIR/local_host_blacklist}\
                             {CONFDIR/local_host_blacklist}\
                             {}}


  accept domains = +local_domains
         endpass
         message = unknown user
         verify = recipient


  accept domains = +relay_to_domains
         endpass
         message = unrouteable address
         verify = recipient


accept hosts = +relay_from_hosts

accept authenticated = *

deny message = relay not permitted

acl_check_data:
   warn condition = ${if !def:h_Message-ID: {1}}
        hosts = +relay_from_hosts
        message = Message-ID: <E$message_id@$primary_hostname>


accept

begin routers

hubbed_hosts:
  debug_print = "R: hubbed_hosts for $domain"
  driver = manualroute
  domains = "${if exists{CONFDIR/hubbed_hosts}\
                   {partial-lsearch;CONFDIR/hubbed_hosts}\
              fail}"
  route_data = ${lookup{$domain}partial-lsearch{CONFDIR/hubbed_hosts}}
  transport = remote_smtp


.ifdef DCconfig_internet

dnslookup_relay_to_domains:
debug_print = "R: dnslookup_relay_to_domains for $local_part@$domain"
driver = dnslookup
domains = ! +local_domains : +relay_to_domains
transport = remote_smtp
same_domain_copy_routing = yes
no_more

dnslookup:
  debug_print = "R: dnslookup for $local_part@$domain"
  driver = dnslookup
  domains = ! +local_domains
  transport = remote_smtp
  same_domain_copy_routing = yes
  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 :\
                        172.16.0.0/12 : 10.0.0.0/8 : 169.254.0.0/16
  no_more


.endif

.ifdef DCconfig_local
nonlocal:
debug_print = "R: nonlocal for $local_part@$domain"
driver = redirect
domains = ! +local_domains
allow_fail
data = :fail: Mailing to remote domains not supported
no_more

.endif

.ifdef DCconfig_smarthost DCconfig_satellite

smarthost:
debug_print = "R: smarthost for $local_part@$domain"
driver = manualroute
domains = ! +local_domains
transport = remote_smtp_smarthost
route_list = * DCsmarthost byname
host_find_failed = defer
same_domain_copy_routing = yes
no_more

.endif

real_local:
debug_print = "R: real_local for $local_part@$domain"
driver = accept
domains = +local_domains
local_part_prefix = real-
check_local_user
transport = LOCAL_DELIVERY

system_aliases:
debug_print = "R: system_aliases for $local_part@$domain"
driver = redirect
domains = +local_domains
allow_fail
allow_defer
data = ${lookup{$local_part}lsearch{/etc/aliases}}
file_transport = address_file

.ifdef DCconfig_satellite
hub_user:
debug_print = "R: hub_user for $local_part@$domain"
driver = redirect
domains = +local_domains
data = ${local_part}@DCreadhost
check_local_user

.endif

userforward:
  debug_print = "R: userforward for $local_part@$domain"
  driver = redirect
  domains = +local_domains
  check_local_user
  file = $home/.forward
  no_verify
  no_expn
  check_ancestor
  allow_filter
  directory_transport = address_directory
  file_transport = address_file
  pipe_transport = address_pipe
  reply_transport = address_reply
  skip_syntax_errors
  syntax_errors_to = real-$local_part@$domain
  syntax_errors_text = \
    This is an automatically generated message. An error has\n\
    been found in your .forward file. Details of the error are\n\
    reported below. While this error persists, you will receive\n\
    a copy of this message for every message that is addressed\n\
    to you. If your .forward file is a filter file, or if it is\n\
    a non-filter file containing no valid forwarding addresses,\n\
    a copy of each incoming message will be put in your normal\n\
    mailbox. If a non-filter file contains at least one valid\n\
    forwarding address, forwarding to the valid addresses will\n\
    happen, and those will be the only deliveries that occur.


procmail:
  debug_print = "R: procmail for $local_part@$domain"
  driver = accept
  domains = +local_domains
  check_local_user
  transport = procmail_pipe
  require_files = ${local_part}:\
                  ${if exists{/etc/procmailrc}\
                    {/etc/procmailrc}{${home}/.procmailrc}}:\
                  +/usr/bin/procmail
  no_verify
  no_expn


maildrop:
debug_print = "R: maildrop for $local_part@$domain"
driver = accept
domains = +local_domains
check_local_user
transport = maildrop_pipe
require_files = ${local_part}:${home}/.mailfilter:+/usr/bin/maildrop
no_verify
no_expn

local_user:
debug_print = "R: local_user for $local_part@$domain"
driver = accept
domains = +local_domains
check_local_user
local_parts = ! root
transport = LOCAL_DELIVERY

mail4root:
debug_print = "R: mail4root for $local_part@$domain"
driver = redirect
domains = +local_domains
data = /var/mail/mail
file_transport = address_file
local_parts = root
user = mail
group = mail

begin transports

address_file:
debug_print = "T: address_file for $local_part@$domain"
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add

address_pipe:
debug_print = "T: address_pipe for $local_part@$domain"
driver = pipe
return_fail_output

address_reply:
debug_print = "T: autoreply for $local_part@$domain"
driver = autoreply

mail_spool:
debug_print = "T: appendfile for $local_part@$domain"
driver = appendfile
file = /var/mail/$local_part
delivery_date_add
envelope_to_add
return_path_add
group = mail
mode = 0660
mode_fail_narrower = false

maildir_home:
debug_print = "T: maildir_home for $local_part@$domain"
driver = appendfile
directory = $home/Maildir
delivery_date_add
envelope_to_add
return_path_add
maildir_format
mode = 0600
mode_fail_narrower = false

maildrop_pipe:
debug_print = "T: maildrop_pipe for $local_part@$domain"
driver = pipe
path = "/bin:/usr/bin:/usr/local/bin"
command = "/usr/bin/maildrop"
return_path_add
delivery_date_add
envelope_to_add

procmail_pipe:
debug_print = "T: procmail_pipe for $local_part@$domain"
driver = pipe
path = "/bin:/usr/bin:/usr/local/bin"
command = "/usr/bin/procmail"
return_path_add
delivery_date_add
envelope_to_add

remote_smtp:
debug_print = "T: remote_smtp for $local_part@$domain"
driver = smtp

remote_smtp_smarthost:
debug_print = "T: remote_smtp_smarthost for $local_part@$domain"
driver = smtp
hosts_try_auth = ${if exists {CONFDIR/passwd.client}{DCsmarthost}{}}
tls_tempfail_tryclear = false



address_directory:
debug_print = "T: address_directory for $local_part@$domain"
driver = appendfile
envelope_to_add = true
return_path_add = true
check_string = ""
escape_string = ""
maildir_format

begin retry

*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h


begin rewrite

*@+local_domains ${lookup{${local_part}}lsearch{/etc/email-addresses}\
                   {$value}fail} Ffrs


*@+local_domains "${if exists {CONFDIR/email-addresses}\

{${lookup{${local_part}}lsearch{CONFDIR/email-addresses}\
                    {$value}fail}}fail}" Ffrs


begin authenticators

cram_md5:
driver = cram_md5
public_name = CRAM-MD5
client_name =
${extract{1}{:}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}
client_secret =
${extract{2}{:}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}

plain:
  driver = plaintext
  public_name = PLAIN
  client_send = "${if !eq{$tls_cipher}{}{\
                     ^${extract{1}{::}\


{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}\
                     ^${extract{2}{::}\


{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}\
                   }fail}"


login:
  driver = plaintext
  public_name = LOGIN
  client_send = "${if !eq{$tls_cipher}{}{}fail}\
                 : ${extract{1}{::}\


{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}} \
                 : ${extract{2}{::}\


{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}"