This is an old revision of the document!
Use this for personal machines behind someone else's LAN. It turns exim into a MUA instead of a MTA. That is, tt uses your remote self-hosted smtp instead of sending directly.
sudo apt install exim4 sudo nano /etc/exim4/update-exim4.conf.conf dc_eximconfig_configtype='smarthost' dc_smarthost='mail.domain.com::587' dc_local_interfaces='127.0.0.1 ; ::1' dc_other_hostnames='' dc_readhost='' dc_relay_domains='' dc_minimaldns='false' dc_hide_mailname='true' sudo nano /etc/exim4/passwd.client mail.domain.com:user:password *:user:password sudo chown root:Debian-exim /etc/exim4/passwd.client sudo chmod 640 /etc/exim4/passwd.client #setup headers sudo nano /etc/email-addresses sexa: remote@haacksnetworking.org root: remote@haacksnetworking.org *: remote@haacksnetworking.org #calm tls sudo nano /etc/exim4/exim4.conf.localmacros MAIN_TLS_ADVERTISE_HOSTS = REMOTE_SMTP_SMARTHOST_HOSTS_REQUIRE_TLS = * #MAIN_HARDCODE_PRIMARY_HOSTNAME = user.domain.com MAIN_LOCAL_DOMAINS = sudo update-exim4.conf sudo systemctl restart exim4 echo "Test after permission fix" | mail -s "Exim4 test 2" oemb1905@jonathanhaack.com sudo tail -f /var/log/exim4/mainlog
Here's a copy pastable version:
sudo apt install exim4 cat << 'EOF' | sudo tee /etc/exim4/update-exim4.conf.conf dc_eximconfig_configtype='smarthost' dc_smarthost='mail.domain.com::587' dc_local_interfaces='127.0.0.1 ; ::1' dc_other_hostnames='' dc_readhost='' dc_relay_domains='' dc_minimaldns='false' dc_hide_mailname='true' EOF cat << 'EOF' | sudo tee /etc/exim4/passwd.client mail.domain.com:user:password *:user:password EOF sudo chown root:Debian-exim /etc/exim4/passwd.client sudo chmod 640 /etc/exim4/passwd.client sudo cat << EOF > /etc/email-addresses sexa: remote@haacksnetworking.org root: remote@haacksnetworking.org *: remote@haacksnetworking.org EOF cat << 'EOF' | sudo tee /etc/exim4/exim4.conf.localmacros MAIN_TLS_ADVERTISE_HOSTS = REMOTE_SMTP_SMARTHOST_HOSTS_REQUIRE_TLS = * #MAIN_HARDCODE_PRIMARY_HOSTNAME = user.domain.com MAIN_LOCAL_DOMAINS = EOF sudo update-exim4.conf sudo systemctl restart exim4 echo "Exim4 configured and restarted." echo "Test with:" echo 'echo "Test from $(hostname)" | mail -s "Exim4 test from $(hostname)" test@gmail.com'
For system alerts/errors, the system will attempt to email root@mailname, so we also need to change /etc/mailname to the top level domain.
echo "haacksnetworking.org" | sudo tee /etc/mailname
Once that's done, edit /etc/aliases so that messages to root get sent to your target email address and use the domain user + domain specified above:
root: notifications@haacksnetworking.org
Simulate a local error and see if it arrives properly:
echo "System Error Send Test - $(date)" | mail -s "System Error Send Test $(date)" root
If everything is setup right, the email should arrive at notifications@haacksnetworking.org. Now, for spf to pass, you have two approaches:
- Make the client think it is
domain.comby changing hosts and hostname like you did mailname - Create a subdomain record for
client.domain.comthat permits the mailserver as an origin
The reason this is needed is because of the sender's envelope domain showing as client.domain.com in the headers to target email servers. Theoretically, the changes in /etc/email-addresses should handle this, but I found that they did not do that reliably. This should resolve that issue.
— oemb1905 2026/04/08 16:04
