Recipe for making the SMTP/IMAP server a public mail server

This recipe is based on Debian Edu Squeeze (6.0) and changes the default mail server setup from the Debian Edu configuration to the default exim4 configuration. The original setup is in /etc/exim4/exim-ldap-server-v4.conf, but it is easier to adjust the default exim4 setup than to edit the preloaded setup.

Setting this up consists of these steps:

  1. Prepare the default exim4 config to use LDAP for user information.
  2. Prepare the default exim4 config to deliver to /var/spool/mail in maildir format.
  3. Decide which DNS domain to use for public email (using example.com).
  4. Set up the exim4 configuration with the new DNS domain
  5. Change mail name for tjener to get valid addresses in outgoing email.
  6. Switch to generated configuration instead of the Debian Edu provided configuration.
  7. Add port forwarding in the gateway, allowing connections from the outside for port 25 to make it to tjener.intern
  8. Update DNS, add MX entry for the selected DNS domain.

Note that root email is now delivered to /var/mail/mail, not /var/mail/root as before. This is the new default for exim, and I did not try to change it.

Prepare the default exim4 config to use LDAP for user information.

This step adds a config fragment to the generated exim4 configuration, telling exim to look up users in the Skolelinux/Debian Edu LDAP directory. It was partly based on the setup found in http://edin.no-ip.com/blog/hswong3i/exim4-ldap-0-0-5-initial-released .

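# The heredoc delimiter is quoted so the shell leaves $local_part and ${...} for exim to expand.
cat > /etc/exim4/conf.d/router/950_exim4_config_ldap_user <<'EOF'
# LDAP Server info
LDAPBASE = dc=skole,dc=skolelinux,dc=no
LDAPSERVER = ldap.intern

ldap_user:
  debug_print = "R: ldap_user for $local_part@$domain"
  driver = accept
  # Accept only if the LDAP lookup returns a uid. quote_ldap escapes filter
  # metacharacters in the sender-supplied local part, and there is no space
  # before the brace closing the lookup string, so an empty result compares
  # equal to {}.
  condition = ${if eq {}{${lookup ldap {ldap://LDAPSERVER/LDAPBASE?uid?sub?(uid=${quote_ldap:$local_part})}}}{no}{yes}}
  cannot_route_message = Recipient ${local_part} unknown.
  retry_use_local_part
  transport = LOCAL_DELIVERY
EOF
chmod 644 /etc/exim4/conf.d/router/950_exim4_config_ldap_user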

Prepare the default exim4 config to deliver to /var/spool/mail in maildir format

The default maildir delivery puts the emails in the user's home directory. To make sure email is delivered to /var/spool/mail/, where the IMAP server expects to find it, add a new transport for this, based on the 30_exim4-config_maildir_home transport.

# 'EOF' is quoted so $local_part and $domain reach the file unexpanded.
cat > /etc/exim4/conf.d/transport/30_exim4-config_maildir_spool <<'EOF'
### transport/30_exim4-config_maildir_spool
#################################

# Use this instead of mail_spool if you want to deliver to Maildir in
# /var/spool/mail - change the definition of LOCAL_DELIVERY
#
maildir_spool:
  debug_print = "T: maildir_spool for $local_part@$domain"
  driver = appendfile
  .ifdef MAILDIR_HOME_MAILDIR_LOCATION
  directory = MAILDIR_HOME_MAILDIR_LOCATION
  .else
  directory = /var/spool/mail/$local_part/
  .endif
  .ifdef MAILDIR_HOME_CREATE_DIRECTORY
  create_directory
  .endif
  .ifdef MAILDIR_HOME_CREATE_FILE
  create_file = MAILDIR_HOME_CREATE_FILE
  .endif
  delivery_date_add
  envelope_to_add
  return_path_add
  maildir_format
  .ifdef MAILDIR_HOME_DIRECTORY_MODE
  directory_mode = MAILDIR_HOME_DIRECTORY_MODE
  .else
  directory_mode = 0700
  .endif
  .ifdef MAILDIR_HOME_MODE
  mode = MAILDIR_HOME_MODE
  .else
  mode = 0600
  .endif
  mode_fail_narrower = false
  current_directory = /var/mail
  group = mail
EOF

To use this transport, change the dc_localdelivery line in /etc/exim4/update-exim4.conf.conf to look like this:

dc_localdelivery='maildir_spool'

Decide which DNS domain to use for public email

You need to decide which DNS domain to use, and the DNS name under this domain to give to tjener.intern. In this recipe, I have used example.com as the DNS domain, and postoffice.example.com as the DNS name for tjener.intern.

Set up the exim4 configuration with the new DNS domain

Run dpkg-reconfigure exim4-config as root and provide these answers to the debconf questions:

  General type of mail configuration: internet site; mail is sent and received directly using SMTP
  System mail name: postoffice.example.com
  IP-addresses to listen on for incoming SMTP connections: [blank]
  Other destinations for which mail is accepted: intern;postoffice.intern;example.com
  Machines to relay mail for: 10.0.0.0/8
  Keep number of DNS-queries minimal (Dial-on-Demand)? No
  Delivery method for local mail: Maildir format in home directory
  Split configuration into small files? Yes

Change mail name for tjener to get valid addresses in outgoing email

The mail name is in /etc/mailname. Replace the content with postoffice.example.com.

echo postoffice.example.com > /etc/mailname

Switch to generated configuration instead of the Debian Edu provided configuration

By default, exim will read the generated configuration in /var/ unless /etc/exim4/exim4.conf exists. Just remove the symlink /etc/exim4/exim4.conf and restart exim4 to use the generated configuration.

rm /etc/exim4/exim4.conf
service exim4 restart

Add port forwarding in the gateway, allowing connections from the outside for port 25 to make it to tjener.intern

How this is done depends on the brand of your gateway.

Update DNS, add MX entry for the selected DNS domain

How this is done depends on your DNS setup. The example.com MX record should point to the external IP address of your gateway.
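
Once the steps above are done, the relay settings (relay for 10.0.0.0/8 only) can be checked on tjener without sending any mail. The script below is an added example, not part of the original recipe; the probe addresses 192.0.2.10 and 10.0.2.50, the domain example.org and the function names are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example, not part of the original recipe. Constructed values:
# 192.0.2.10 = an Internet client, 10.0.2.50 = an internal client,
# example.org = a domain this server does not accept mail for.

# Print the reply to RCPT TO: the 4th reply line in a dialogue of banner,
# HELO, MAIL FROM, RCPT TO (HELO keeps each reply on one line).
rcpt_reply() {
  tr -d '\r' | grep -E '^[0-9]{3} ' | sed -n '4p'
}

# Judge the reply to a foreign-domain RCPT for a client class.
relay_verdict() {  # $1 = outside|inside, $2 = reply line
  case "$1:$2" in
    outside:5*) echo "ok: relay refused" ;;
    outside:2*) echo "FAIL: open relay" ;;
    inside:2*)  echo "ok: relay allowed" ;;
    inside:5*)  echo "FAIL: internal relay refused" ;;
    *)          echo "UNKNOWN: $2" ;;
  esac
}

# On tjener, as root: exim4 -bh runs a fake SMTP session from address $1
# through the live ACLs; nothing is delivered.
probe() {
  printf 'HELO probe.invalid\nMAIL FROM:<probe@example.org>\nRCPT TO:<probe@example.org>\nQUIT\n' |
    exim4 -bh "$1" 2>/dev/null | rcpt_reply
}

# Constructed transcript of the replies expected for an outside client.
SAMPLE_OUTSIDE='220 postoffice.example.com ESMTP Exim
250 postoffice.example.com Hello probe.invalid [192.0.2.10]
250 OK
550 relay not permitted
221 postoffice.example.com closing connection'

# Offline demonstration on the sample; on the server use instead:
#   relay_verdict outside "$(probe 192.0.2.10)"
#   relay_verdict inside  "$(probe 10.0.2.50)"
relay_verdict outside "$(printf '%s\n' "$SAMPLE_OUTSIDE" | rcpt_reply)"
```

exim4 -bh only tests the address it is given. If the gateway rewrites the source address of forwarded connections, outside clients reach exim from inside 10.0.0.0/8 and match the relay list, so also check the client address logged in /var/log/exim4/mainlog for a real outside connection.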