|
On Monday 10 of February 2014 23:13:42 Paul O'Rorke wrote: > Hi again Cyrus list, > > still trying to find a definitive resource to use to get this mail > server up and running. Does anyone know of a good howto for setting up > Debian/Exim/Cyrus? I think this is the combination I want to move from > the Centos/Exim/Dovecote box I inherited but I must confess to really > struggling here.
Here are the most important snippets of my Debian/exim/cyrus config for sasldb authentication, exim split config. Based on squeeze, so be careful there might be small changes in wheezy. Changes noted as a diff file.
/etc/exim4/conf.d/main/00_exim4-config_localmacros: (new file)
+ LOCAL_DELIVERY = cyrus_delivery
/etc/exim4/conf.d/acl/30_exim4-config_check_rcpt:
# Insist that any other recipient address that we accept is either in one of # our local domains, or is in a domain for which we explicitly allow # relaying. Any other domain is rejected as being unacceptable for relaying. require message = relay not permitted domains = +local_domains : +relay_to_domains
# We also require all accepted addresses to be verifiable. This check will # do local part verification for both local and remote domains. # Callout is needed to do the check via LMTP. # This is important to avoid backscatter bounces. # If you act as backup MX, you might need to adjust. require - verify = recipient + verify = recipient/callout
/etc/exim4/conf.d/router/900_exim4-config_local_user:
# There are no local users in /etc/passwd. Check is done by callout in ACL. # Also there is no harm in having a mailbox named root. local_user: debug_print = "R: local_user for $local_part@$domain" driver = accept domains = +local_domains - check_local_user - local_parts = ! root transport = LOCAL_DELIVERY cannot_route_message = Unknown user
/etc/exim4/conf.d/transport/30_exim4-config_cyrus_delivery:
+ # LMTP over TCP/IP, allows callout verification, needs `lmtpd -a` + cyrus_delivery: + driver = smtp + protocol = lmtp + hosts = 127.0.0.1 + allow_localhost
/etc/exim4/conf.d/auth/30_exim4-config_examples
Uncomment all examples where driver = cyrus_sasl. Set server realm to full hostname, or check what is behind @ in sasldblistusers2. NTLM and MD5 authentication can be allowd even over unencrypted connections.
/etc/imapd.conf
sasl_pwcheck_method: auxprop sasl_auxprop_plugin: sasldb
/etc/cyrus.conf
lmtp cmd="lmtpd -a" listen="localhost:lmtp" prefork=0 maxchild=20 #lmtpunix cmd="lmtpd" listen="/var/run/cyrus/socket/lmtp" prefork=0 ...
/etc/services
lmtp 24/tcp
--- eof ---
I have omitted lots of other changes I do to exim config, as they are not related to exim-cyrus integration.
-- Best Regards Vladislav Kurz
=== WebStep, s.r.o. (Ltd.) ========= a step to the Web === address: Mezirka 1, 602 00 Brno, CZ, tel: +420 548 214 711 === www.webstep.net ======= vladislav.kurz@xxxxxxxxxxx ===
|
---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
