Re: [exim] Start working with exim config files

Top Pagina
Delete this message
Reply to this message
Auteur: Jan Ingvoldstad
Datum:  
Aan: exim users
Onderwerp: Re: [exim] Start working with exim config files
On Tue, Jun 13, 2017 at 12:30 PM, John Smith <j0hnsm1th@???> wrote:

>    Hello,

>


Hi!


>    I started working with Exim a few days ago, so I'm a very very beginner
>    for now. The question I have is, I think, very easy and the goal of my
>    question is to get a proper use of Exim's config files.
>    The setup :
>    I'm using a Debian distribution, so after installing Exim4 I done a :

>


Then this is a question you should be asking to a Debian support group, as
Debian's Exim setup has several pecularities and macros not common for
other Exim setups.

However, I think your question is reasonably easy to answer, I'll just jump
to the meat of it:

So I took a look to the files in conf.d and saw that this «
>    tls_certificate » parameters already exists like here :
>    .ifdef MAIN_TLS_CERTKEY
>    tls_certificate = MAIN_TLS_CERTKEY
>    .else
>    .ifndef MAIN_TLS_CERTIFICATE
>    MAIN_TLS_CERTIFICATE = CONFDIR/exim.crt
>    .endif

>
>    (If the MAIN_TLS_CERTKEY is defined, Exim takes this parameter. Else if
>    not defined, Exim use the default files like "/etc/exim4/exim.crt"
>    where CONFDIR is defined as /etc/exim4).
>    Here is my question : what is the best way to define a value like this
>    ?
>    Create in conf.d/main directory a file called like « 000_local » and
>    set in « MAIN_TLS_CERTKEY = value » ? I  prefer asking to advanced
>    admins what is the good way.

>


Yes, you want to set these in 000_local_config:

MAIN_TLS_CERTKEY = /etc/ssl/certs/file1.crt
MAIN_TLS_PRIVATEKEY = /etc/ssl/certs/private/file2.key


>    So with a second example, if I want to enable the «
>    tls_try_verify_hosts » value, I have to set :
>    MAIN_TLS_TRY_VERIFY_HOSTS='true' in the 000_local file in conf.d/main/
>    ?

>


Yep.


>    So with this each time you want to set a value and if it's already
>    defined in default conf, you have to find the variable associed ? Like
>    here, we wanted to set « tls_try_verify_hosts » and the associated
>    variable is « MAIN_TLS_CERTKEY ».

>
>

Yep.

Or, you could choose _not_ using Debian's split config, and create your
own simplified Exim config instead:


In /etc/exim4/update-exim4.conf.conf:

dc_use_split_config='false'

Rename /etc/exim4/exim4.conf.template to /etc/exim4/exim4.conf.template.orig

Create a new /etc/exim4/exim4.conf.template containing _precisely_ the Exim
configuration you need.

The only difference from running a default Exim should then be to always
run update-exim4.conf, check for errors, and then service exim4 reload.

--
Jan