Autor: Sabahattin Gucukoglu Fecha: A: exim-users Asunto: Re: [exim] converting from debian package to source
On 8 Jan 2022, at 14:07, Julian Bradfield via Exim-users <exim-users@???> wrote: > My mail servers run, and have run for decades, on Debian, and I've
> always used the Debian package for exim4, though I don't use debconf
> for my own additions, but just edit the conf.template file as if it
> were a .conf file.
>
> The pain of dealing with Debian's antiquated versions (4.92) and
> gratuitous messing around with upstream's configuration (most recent
> annoyance, not supporting built-in SPF) is prompting me to think about
> switching to using the primary source.
>
> I wonder if anybody on this list has done such a conversion recently,
> and would have time to share the chief gotchas they encountered.
I wasn’t clear about whether you understood this, but, of course, nothing obliges you to use debconf, split configuration, or the template to configure Exim; the Debian binaries look for /etc/exim4/exim4.conf first, before the autogenerated file. Ignore the *-conf package altogether and simply put your configuration into that one file. Consult the EDITME provided with the binary to see how it’s compiled. This is the approach I take, because it turns out that building an Exim binary package whenever it’s updated, and especially for one distro on another, is sufficiently hard in practice that I can’t be arsed and I'd rather simply work around the limitations of the Debian build. As others have suggested, run-time SPF checking is something I wouldn’t recommend doing anyway in a world of DMARCs.
If you want to do it anyway, then get the Debian source package and look at the included docs and rules for creating your own “-custom” binary package. You can build your own .deb and then install it, which will give you correct tracking for your build, and will generate the correct dependency list for your shared library dependencies. I would not advise simply replacing the system binary; you should try hard to do the job properly. As I said, I think you may find that the compromise of working with the existing binary distribution and your own configuration is acceptable. The only reason I wanted to recompile was to go from GnuTLS to OpenSSL, which is a decision I have since rescinded. Of course, if it ever turns out that Debian’s Exim gets dynamic loading of shared libraries, I might just rethink that.
