This is an old revision of the document!
Use this for personal machines behind someone else's LAN. It turns exim into a MUA instead of a MTA. That is, tt uses your remote self-hosted smtp instead of sending directly.
sudo apt install exim4 sudo nano /etc/exim4/update-exim4.conf.conf dc_eximconfig_configtype='smarthost' dc_smarthost='mail.domain.com::587' dc_local_interfaces='127.0.0.1 ; ::1' dc_other_hostnames='' dc_readhost='' dc_relay_domains='' dc_minimaldns='false' dc_hide_mailname='true' sudo nano /etc/exim4/passwd.client mail.domain.com:user:password *:user:password sudo chown root:Debian-exim /etc/exim4/passwd.client sudo chmod 640 /etc/exim4/passwd.client #setup headers sudo nano /etc/email-addresses sexa: remote@haacksnetworking.org root: remote@haacksnetworking.org *: remote@haacksnetworking.org #calm tls sudo nano /etc/exim4/exim4.conf.localmacros MAIN_TLS_ADVERTISE_HOSTS = REMOTE_SMTP_SMARTHOST_HOSTS_REQUIRE_TLS = * MAIN_HARDCODE_PRIMARY_HOSTNAME = domain.com MAIN_LOCAL_DOMAINS = sudo update-exim4.conf sudo systemctl restart exim4 echo "Test after permission fix" | mail -s "Exim4 test 2" oemb1905@jonathanhaack.com sudo tail -f /var/log/exim4/mainlog
Here's a copy pastable version:
sudo apt install exim4 cat << 'EOF' | sudo tee /etc/exim4/update-exim4.conf.conf dc_eximconfig_configtype='smarthost' dc_smarthost='mail.domain.com::587' dc_local_interfaces='127.0.0.1 ; ::1' dc_other_hostnames='' dc_readhost='' dc_relay_domains='' dc_minimaldns='false' dc_hide_mailname='true' EOF cat << 'EOF' | sudo tee /etc/exim4/passwd.client mail.domain.com:user:password *:user:password EOF sudo chown root:Debian-exim /etc/exim4/passwd.client sudo chmod 640 /etc/exim4/passwd.client sudo cat << EOF > /etc/email-addresses sexa: remote@haacksnetworking.org root: remote@haacksnetworking.org *: remote@haacksnetworking.org EOF cat << 'EOF' | sudo tee /etc/exim4/exim4.conf.localmacros MAIN_TLS_ADVERTISE_HOSTS = REMOTE_SMTP_SMARTHOST_HOSTS_REQUIRE_TLS = * MAIN_HARDCODE_PRIMARY_HOSTNAME = domain.com MAIN_LOCAL_DOMAINS = EOF sudo update-exim4.conf sudo systemctl restart exim4 echo "Exim4 configured and restarted." echo "Test with:" echo 'echo "Test from $(hostname)" | mail -s "Exim4 test from $(hostname)" test@gmail.com'
For system alerts/errors, the system will email the root user at root@</etc/mailname>, so we also need to change /etc/mailname to match the top level domain instead of hosts/hostname.
echo "haacksnetworking.org" | sudo tee /etc/mailname
Thus, when an error happens, the system emails root@haacksnetworking.org, which aliases to notifications@haacksnetworking.org, and the email that arrives comes from root@</etc/hostname>, or client.domain.com. This means that the envelope-from is client.domain.com. This means that, for system errors, you will get an spf None error unless you add an spf record for the subdomain client.domain.com. To be clear, cronjobs and echo + mail from the command line will honor the hardcode domain.com up above in localmacros and send from domain.com, so there is no need for an additional spf for common taks/cron. However, if/when anything goes wrong and the system needs to email you, it will use the fqdn of the client, or client.domain.com and thus to ensure those emails arrive, you should set up spf for the subdomain. (DKIM originates on the server, not the client, so it is not impacted).
"v=spf1 a mx ip4:7.8.99.155 ip6:3702:gb50:0:1::99 ~all"
Once that's done, edit /etc/aliases so that messages to root get sent to your target email address and use the domain user + domain specified above:
root: notifications@haacksnetworking.org
Simulate a local error and see if it arrives properly:
echo "System Error Send Test - $(date)" | mail -s "System Error Send Test $(date)" root
If everything is setup right, the email should arrive at notifications@haacksnetworking.org.
— oemb1905 2026/04/08 16:04
