====== Exim4 ======

MTA, Service SMTP

Voir aussi:
  * [[/informatique/reseau/postfix|Postfix]]
  * [[/informatique/spam|/informatique/spam]] pour de la "bonne" configuration

Documentation:
  * [[http://bradthemad.org/tech/notes/exim_cheatsheet.php|Exim Cheatsheet]]
  * [[https://www.exim.org/exim-html-current/doc/html/spec_html/ch-main_configuration.html|main configuraiton]]
  * [[https://manpages.debian.org/stretch/exim4-base/exim.8.en.html|exim4-base manpage]]
===== Tips & Tricks =====

==== fallback (wildcard) alias  ====

In ''/etc/exim4/exim4.conf.template'' replace:
<code>
system_aliases:
  ...
  data = ${lookup{$local_part}lsearch{/etc/aliases}}
</code>

By:
<code>
system_aliases:
  ...
  data = ${lookup{$local_part}lsearch*@{/etc/aliases}}
</code>

Add the fallback alias in ''/etc/aliases''

For example:
<code>  * : a_local_user</code>
or
<code>  * : a_remote_user@internet.net</code>

Run ''newaliases'' to make Exim4 know new aliases.

==== Vider le queue ====

Forcer le traitement de la queue:
  # /usr/sbin/exim -qf

Ainsi que les messages "frozen":
  # /usr/sbin/exim -qff

Compter le nombre de messages dans la queue:
  # /usr/sbin/exim -bpr | grep "<" | wc -l 

==== Helpful Exim Commands ====

<code>
exim4 -bP => dump la configuration

$ sudo exim4 -bP| grep nonmail
smtp_accept_max_nonmail = 100
smtp_accept_max_nonmail_hosts = *
</code>

<code>
exim4   -M   email-id        => Force delivery of one message
exim4 -qf                  => Force another queue run
exim4 -qff                 => Force another queue run and attempt to flush the frozen message
exim4  -Mvl   messageID  => View the log for the message
exim4  -Mvb  messageID  => View the body of the message
exim4  -Mvh  messageID  => View the header of the message
exim4 -Mrm  messageID  =>  Remove message without sending any error message
exim4  -Mg  messageID   =>  Giveup and fail message to bounce the message to the Sender

exim4 -bpr | grep “<” | wc -l    =>Number of emails in the que
exim4 -bpr | grep frozen | wc -l   => How many Frozen mails on the queue

# Deleteing Frozen Messages
$ sudo exim4 -bpr | grep frozen | awk {'print $3'} | xargs sudo /usr/sbin/exim -Mrm
</code>

==== no immediate delivery ====

no immediate delivery: more than 10 messages received in one connection

''$ sudo editor /etc/exim4/exim4.conf.template''

change (or add) line: smtp_accept_queue_per_connection=30

update config: ''$ sudo update-exim4.conf''

That's all.

View new config: ''$ sudo exim4 -bP | grep smtp_accept_''

====== Configuration ======

Smarthost + TLS :
  * https://wiki.debian.org/Exim
  * [[https://logd.fr/exim4-connexion-smtp-securisee-via-tls/|Exim4, connexion SMTP sécurisée via TLS]]


===== DKIM =====

Cet exemple pour ''domain.tld'' et ses sous-domaines, avec le selecteur ''default''

Générer les clés:
<code bash>
$ openssl genrsa -out dkim.key 2048
$ openssl rsa -in dkim.key -out dkim.pub -pubout -outform PEM
</code>

Publier la clé publique sur le DNS

<code>
default._domainkey.domain.tld. 60 DKIM "k=rsa;s=email;p=MIIBIjANBgkqhkiG9w0B...QAB;"
</code>

Configurer exim4 dans ''/etc/exim4/exim4.conf.localmacros''
<code bash>
MAIN_TLS_ENABLE=1
REMOTE_SMTP_SMARTHOST_HOSTS_REQUIRE_TLS=*

DKIM_DRIVER=smtp
DKIM_DOMAIN=domain.tld
#DKIM_DOMAIN=${lc:${domain:$h_from:}}
DKIM_SELECTOR=default
DKIM_CANON=relaxed
DKIM_PRIVATE_KEY=/etc/exim4/dkim.key
</code>

Générer la config et informer le service:
<code bash>
$ sudo update-exim4.conf
$ sudo systemctl reload exim4.service
</code>

Puis vérifier en envoyant un email à check-auth@verifier.port25.com ou https://mail-tester.com (3 tests par jour).
<code bash>$ mail -s 'test' check-auth@verifier.port25.com</code>