Re: [exim] replacing postfix for exim4

Góra strony
Delete this message
Reply to this message
Autor: David Angleitner
Data:  
Dla: Exim-users@exim.org
CC: 'M. Piscaer'
Temat: Re: [exim] replacing postfix for exim4
Hi Michael

This is what we use:
tls_certificate = /etc/exim4/ssl/${interface_address}.crt
tls_privatekey = /etc/exim4/ssl/${interface_address}.key

Then simply name your cert and key files according to your interface ip addresses.

You should be able to use a lookup in a file with interface_address as key too if you prefer.

Kind regards
David

-----Ursprüngliche Nachricht-----
Von: Exim-users [mailto:exim-users-bounces+david.angleitner=team.deep.ch@exim.org] Im Auftrag von M. Piscaer
Gesendet: Freitag, 15. Mai 2015 11:39
An: Exim-users@???
Betreff: [exim] replacing postfix for exim4

Hi,

I'm replacing an postfix setup for exim4. This because exim has better
mail routing options then postfix. This server is used as an Smarthost
for its ISP customers.

In the current setup that we use, we have multible hostnames to connect
to the server.

All are TLS enabled, with postfix we have in the master.cf config the
following statement:

10.115.3.42:smtp     inet  n       -       -       -       -       smtpd
  -o smtpd_tls_cert_file=/etc/ssl/certs/mail.domein1.nl.crt
  -o smtpd_tls_key_file=/etc/ssl/private/mail.domein1.nl.key
  -o smtpd_tls_CAfile=/etc/ssl/certs/ThawteSSL123_bundle.crt
10.115.3.43:smtp     inet  n       -       -       -       -       smtpd
  -o smtpd_tls_cert_file=/etc/ssl/certs/mail.domein2.nl.crt
  -o smtpd_tls_key_file=/etc/ssl/private/mail.domein2.nl.key
  -o smtpd_tls_CAfile=/etc/ssl/certs/ThawteSSL123_bundle.crt
[xxx:xxx:100:11::165]:smtp     inet  n       -       -       -       -
     smtpd
  -o smtpd_tls_cert_file=/etc/ssl/certs/mail.domein1.nl.crt
  -o smtpd_tls_key_file=/etc/ssl/private/mail.domein1.nl.key
  -o smtpd_tls_CAfile=/etc/ssl/certs/ThawteSSL123_bundle.crt
[xxx:xxx:100:11::166]:smtp     inet  n       -       -       -       -
     smtpd
  -o smtpd_tls_cert_file=/etc/ssl/certs/mail.domein2.nl.crt
  -o smtpd_tls_key_file=/etc/ssl/private/mail.domein2.nl.key
  -o smtpd_tls_CAfile=/etc/ssl/certs/ThawteSSL123_bundle.crt

This glueed the IP address to an IP of IPv6 address. Also we have the
same setup for smtps and submission.

I see settings like tls_on_connect_ports, tls_certificate and
tls_privatekey. That that uses only one TLS certificate. The problem I
have multiple IP addresses and multiple hostnames. So I need to clue it
all together

Kinds regards,

Michiel Piscaer

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/