Haack's Wiki

User Tools

Site Tools

Trace:
computing:exim4

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
computing:exim4 [2021/07/20 23:29] oemb1905computing:exim4 [2024/12/16 01:32] (current) oemb1905
Line 84: Line 84:
 Notice the MAIN_TLS_ENABLE = yes line is added and will this time, survive a service restart because of the localmacros file created above. Next, it is time to symlink your TLS certificate and keypair to the default location for exim4. In my case, I already had Let’s Encrypt set up on this server for my primary domain, so I just used that pair as follows (proceed with caution): Notice the MAIN_TLS_ENABLE = yes line is added and will this time, survive a service restart because of the localmacros file created above. Next, it is time to symlink your TLS certificate and keypair to the default location for exim4. In my case, I already had Let’s Encrypt set up on this server for my primary domain, so I just used that pair as follows (proceed with caution):
  
-  cd /etc/exim4 
   sudo -i   sudo -i
 +  cd /etc/exim4
   ln -s ../letsencrypt/live/teacher.codetalkers.club/fullchain.pem exim.crt   ln -s ../letsencrypt/live/teacher.codetalkers.club/fullchain.pem exim.crt
   ln -s ../letsencrypt/live/teacher.codetalkers.club/privkey.pem exim.key   ln -s ../letsencrypt/live/teacher.codetalkers.club/privkey.pem exim.key
Line 181: Line 181:
   rm /var/log/exim4/*   rm /var/log/exim4/*
   sysemctl restart exim4.service   sysemctl restart exim4.service
 +  
 +To delete all frozen emails and/or individually delete/read.
 +
 +  exim -bp | awk '/^ *[0-9]+[mhd]/{print "exim -Mrm " $3}' | bash
 +
 +To read email body:
 +
 +  exim4 -Mvb <message id>
 +
 +To view the email header:
 +
 +  exim -Mvh <message id>
 +
 +TLS can pitch an annoying warning that states "TLS connections will fail. Suggested action: either install a certificate or change tls_advertise_hosts option."  I should not be getting this Warning, nor should I have to change any options in the config, since I am already advertising TLS and properly accepting smtp connections from it (see swaks output above).  Most online resources talk about getting this warning when it is a false positive, but in this case, it is false negative, meaning it is saying I don't have this but I do.  Here's how to suppress the irrelevant and in this case, incorrect, warning:
 +
 +  sudo nano /etc/exim4/exim4.conf.template
 +  
 +Search for "A weaker form" and once you get to that section look for where it states ''.else'' and then "Use upstream defaults" and then closes with ''.endif'' - right in between else/endif, put the following line:
 +
 +  tls_advertise_hosts =
 +
 +Just so you are clear, it will look like this:
 +
 +{{ :computing:tls.png?400 |}}
 +
 +To stop the relay from barfing when clients with incomplete TLS emails through it, you can do the following on the client sending th email (not on the server/relay):
 +
 +  sudo nano /etc/exim4/exim4.conf.localmacros
 +  REMOTE_SMTP_SMARTHOST_TLS_VERIFY_HOSTS = !*
 +  systemctl restart exim4
  
- --- //[[jonathan@haacksnetworking.com|oemb1905]] 2021/07/20 17:27//+ --- //[[alerts@haacksnetworking.org|oemb1905]] 2024/12/16 01:30//
computing/exim4.1626823761.txt.gz · Last modified: 2021/07/20 23:29 by oemb1905

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: GNU Free Documentation License 1.3
GNU Free Documentation License 1.3 Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki