I set up exim + dovecot for qa-site. I’m pretty happy with the results so far. Installation was a snap, and configuration was practically pain free (thanks in part to Google and this mini howto for SMTP auth).
I created SSL keys for both exim and dovecot (that are practically identical) using these commands:
    openssl req -x509 -newkey rsa:1024 -keyout exim.key -out exim.crt -days 365 -nodes
    openssl req -x509 -newkey rsa:1024 -keyout dovecot.key -out dovecot.crt -days 365 -nodes
and then edited the configuration files to point to them:
exim.conf:
    tls_certificate = /usr/share/ssl/certs/exim.crt
    tls_privatekey = /usr/share/ssl/private/exim.key
dovecot.conf:
    ssl_cert_file = /usr/share/ssl/certs/dovecot.crt
    ssl_key_file = /usr/share/ssl/private/dovecot.key
In exim.conf, I also made the following changes:
    # this would have used `uname -n` by default
    primary_hostname = qa-site.com
uncommented:
    auth_advertise_hosts = ${if eq {$tls_cipher}{}{}{*}}
and commented:
    #auth_advertise_hosts =
and then added:
    plain:
      driver = plaintext
      public_name = PLAIN
      server_prompts = :
      server_set_id = $2
      server_condition = "${if pam{$2:$3}{1}{0}}"
    login:
      driver = plaintext
      public_name = LOGIN
      server_prompts = "Username:: : Password::"
      server_set_id = $1
      server_condition = "${if pam{$1:$2}{1}{0}}"
In addition, to use Maildir, I edited exim.conf to include:
    local_delivery:
      driver = appendfile
      # file = /var/mail/$local_part
      delivery_date_add
      envelope_to_add
      return_path_add
      group = mail
      mode = 0660
      maildir_format = true
      directory = /home/${local_part}/Maildir
      create_directory = true
      check_string = ""
      escape_string = ""
In dovecot, I just had to set:
    mail_location = maildir:~/Maildir
I created a .muttrc file to read my Maildir:
    set mbox_type=Maildir
    set folder="~/Maildir"
    set mask="!^\\.[^.]"
    set mbox="~/Maildir"
    set record="+.Sent"
    set postponed="+.Drafts"
    set spoolfile="~/Maildir"
I now have working TLS with SMTP auth, POP3 and IMAP access through remote Thunderbird/Outlook and local mutt clients. They both use PAM system-auth by default (exim needed read access to /etc/shadow).
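A way to check the auth_advertise_hosts setting from the client side, added here as an example and not part of the original post: it compares the EHLO reply before and after STARTTLS and reports if AUTH shows up in cleartext or if PLAIN/LOGIN are missing once TLS is up. The sample replies, the function names and the 192.0.2.10 address are constructed for illustration; probe() turns certificate verification off because the certificates above are self-signed.

```python
import smtplib
import ssl

REQUIRED = {"PLAIN", "LOGIN"}  # the two authenticators configured above

# Constructed EHLO replies (hypothetical client address), not captured output.
SAMPLE_PLAIN = "qa-site.com Hello client [192.0.2.10]\nSIZE 52428800\nPIPELINING\nSTARTTLS\nHELP"
SAMPLE_TLS = "qa-site.com Hello client [192.0.2.10]\nSIZE 52428800\nPIPELINING\nAUTH PLAIN LOGIN\nHELP"
SAMPLE_LEAKY = "qa-site.com Hello client [192.0.2.10]\nSIZE 52428800\nAUTH PLAIN LOGIN\nSTARTTLS\nHELP"

def extensions(ehlo_text):
    """Map each EHLO keyword to its set of parameters; the greeting line is skipped."""
    ext = {}
    for line in ehlo_text.splitlines()[1:]:
        if line[:3] == "250" and line[3:4] in ("-", " "):
            line = line[4:]  # raw reply line that still carries its status code
        words = line.replace("=", " ").upper().split()
        if words:
            ext.setdefault(words[0], set()).update(words[1:])
    return ext

def audit(ehlo_plain, ehlo_tls):
    """Return a list of findings; an empty list means the policy holds."""
    before, after = extensions(ehlo_plain), extensions(ehlo_tls)
    findings = []
    if before.get("AUTH"):
        findings.append("AUTH offered in cleartext: " + " ".join(sorted(before["AUTH"])))
    if "STARTTLS" not in before:
        findings.append("STARTTLS not advertised")
    missing = REQUIRED - after.get("AUTH", set())
    if missing:
        findings.append("missing after STARTTLS: " + " ".join(sorted(missing)))
    return findings

def probe(host, port=25):
    """Collect both EHLO replies from a live server and audit them."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False  # self-signed certificate, so no chain to verify
    ctx.verify_mode = ssl.CERT_NONE
    with smtplib.SMTP(host, port, timeout=10) as smtp:
        plain = smtp.ehlo()[1].decode()
        if not smtp.has_extn("starttls"):
            return audit(plain, "")
        smtp.starttls(context=ctx)
        tls = smtp.ehlo()[1].decode()
    return audit(plain, tls)

if __name__ == "__main__":
    print(audit(SAMPLE_PLAIN, SAMPLE_TLS))
    print(audit(SAMPLE_LEAKY, SAMPLE_TLS))
```

Run probe() against the mail host from a remote machine; an empty list means AUTH is only advertised once the session is encrypted.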
The next steps are to set up procmail to use spamassassin and clamav to filter incoming mail, and set up a webmail client. I mentioned on my fijiaaron blog that I’m looking for webmail application recommendations. I’m leaning towards v-webmail.
One last thing will be to set up virtual domains, so that, for example, cuencatravel.qa-site.com can have its own email setup.