Differences between revisions 13 and 14
Revision 13 as of 2006-05-09 12:12:06
Size: 8463
Editor: ZugSchlus
Comment:
Revision 14 as of 2006-05-16 16:35:07
Size: 9215
Comment:
Deletions are marked like this. Additions are marked like this.
Line 35: Line 35:

One possible answer to why your local (home) connection is not sending out email is that your ISP blocks port 25 further upstream from you.
This prevents computers on your ISP's network (including yours) from sending out mail. Many ISPs do this as a security precaution because
"Zombie" computers can be used to send out spam.

One possible solution is to use another port to send your mail. You will have to configure your runtime configuration file which under
debian and ubuntu is /etc/exim4/exim4.conf.template. Edit that file and place under main/02_exim4-config_options this line;

daemon_smtp_ports=smtp : 587

This allows the exim4 daemon to listen on port 587 and should allow you to send and receive emails on that port.


1. Debian Exim4 User FAQ

This is work in progress, so it is probably not yet very helpful.

?TableOfContents


1.1. Questions not categorized yet

1.1.1. How do I re-execute the debconf-driven configuration?

  • dpkg-reconfigure exim4-config
  • $EDITOR /etc/exim4/update-exim4.conf.conf
  • Further reading: man update-exim4.conf


1.1.2. When I try to deliver a message via SMTP to my Exim, I get "550 relay not permitted"

Answer not yet fleshed out.

  • dc_relay_nets
  • If client host is on dynamic IP, SMTP AUTH
  • ISP blocking tcp/25


1.1.3. I cannot connect to my Exim from my home connection. From internet hosts, it works

Answer not yet fleshed out.

  • ISP blocking tcp/25

One possible answer to why your local (home) connection is not sending out email is that your ISP blocks port 25 further upstream from you. This prevents computers on your ISP's network (including yours) from sending out mail. Many ISPs do this as a security precaution because "Zombie" computers can be used to send out spam.

One possible solution is to use another port to send your mail. You will have to configure your runtime configuration file which under debian and ubuntu is /etc/exim4/exim4.conf.template. Edit that file and place under main/02_exim4-config_options this line;

daemon_smtp_ports=smtp : 587

This allows the exim4 daemon to listen on port 587 and should allow you to send and receive emails on that port.

  • Use ISP Smarthost
  • Use tcp/587
  • ISP blocking incoming tcp/25 => no chance to have an MX there


1.1.4. I am trying to have exim forward mail to some internal hosts, but all I am getting is "all relevant MX records point to non-existent hosts"

A probeble cause for this might be that all MX records for the offending domain point to site local or link local IP addresses, which are ignored by the dnslookup router to protect from misconfigured external domains. The default configuration has relaxed checking for domains that the local system is configured to allow relaying to, so adding the offending domain to dc_relay_domains will most probably help.

Please note that no domain on the public Internet should have MX records pointing to site local or link local IP addresses, so you might check your externally visible MX records.

If this doesn't help, try analyzing the output of exim -d -bt some.local.part@the.offending.domain.example

[http://www.exim.org/eximwiki/FAQ/Routing_to_remote_hosts/Q0302 Upstream Exim FAQ Q0302] might help as well.


1.1.5. What do "lowest numbered MX record points to local host" or "remote host address is the local host" mean?

This is covered in [http://www.exim.org/eximwiki/FAQ/Routing_to_remote_hosts/Q0301 Upstream Exim FAQ Q0301.] The Debian default configuration has the hubbed_hosts router mentioned there already defined. Its configuration file is /etc/exim4/hubbed_hosts, and some documentation can be found in /etc/exim4/conf.d/router/150_exim4-config_hubbed_hosts.


1.1.6. What do the "DEBCONFfooDEBCONF" macros in the Debian configuration do?

When the Exim daemon is started, the dpkg-conffiles in /etc/exim4 are post-processed to the result /var/lib/exim4/config.autogenerated, which is the configuration file that Exim reads. In this post-processing step, done by update-exim4.conf, the DEBCONFfooDEBCONF strings are replaced with values pulled from /etc/exim4/update-exim4.conf.conf and system configuration.

Please note that the string DEBCONF is kind of a misnomer since the strings are _not_ directly pulled from the Debconf database, but from user-editable conffiles instead. This is a common misunderstanding.

For more information, read the update-exim4.conf man page.


1.1.7. I am experiencing timeout issues with TLS connections

Answer not yet fleshed out.

  • GnuTLS Entropy issue
  • Kernel not generating enough entropy
    • network removed
  • /proc/sys/kernel/random/entropy_avail
  • hardware RNG
  • audio in RNG
  • Rebuild exim 4.60-3+ with OpenSSL


1.1.8. Why does my exim HELO as localhost.localdomain

Answer not yet fleshed out.

  • The name used in EHLO/HELO is pulled from configuration option primary_hostname

  • Debian's exim4 default configuration does not set primary_hostname

  • exim then defaults to uname() to find the host name. If that call only returns one component, gethostbyname() or getipnodebyname() is used to obtain the fully qualified host name.

  • Most frequent cause for localhost.localdomain is the default /etc/hostname created by Debian installation.

  • The recommended way is to fix the system instead of forcing exim to the intended host name.


1.1.9. How do I configure a catch-all?

Answer not yet fleshed out.

  • *: target in /etc/aliases

  • break the loop by aliasing the target account to itself
  • other aliases take precedence, alias exceptions to themselves
  • catch-all is a real bad idea these days


1.1.10. Exim stops delivery after ten messages are received

Answer not yet fleshed out.

  • In the default configuration, exim delivers the first ten messages received over a single SMTP connection immediately, and places the following messages on the queue.
  • These messages will be delivered by the next queue runner process
  • Queue runners are started every 30 minutes by default.
  • This situation is most frequently experienced by sites running fetchmail
  • One possible fix: increase smtp_accept_queue_per_connection. This option is not in the default configuration, hence the default of 10 is used by exim.
  • In the fetchmail case, a better fix is to have fetchmail execute exim -q after finishing the retrieving process.
    • This decreases the load spike which would otherwise be experienced.
    • You can specify a command to execute in fetchmailrc using postcommand, e.g. postcommand "/usr/sbin/exim4 -q" (assuming your user has correct permissions).


1.1.11. How can I debug SMTP AUTH and/or other SMTP aspects

  • Exim's logs are usually quite helpful
  • Find out which side of the communication is causing you trouble
    • Check whether the other side behaves properly
    • Use telnet, openssl and/or gnutls-cli for low-level debugging
    • If you are not too familiar with SMTP's innards, consider using [http://packages.debian.org/swaks swaks] for debugging.


1.1.12. I have configured exim with help of a non-Debian HOWTO. It doesn't work.

Unfortungately, a lot of third-party documentation has been written by people who do not fully understand how things work. They might have been successful in solving the issue at their hands, but challenges are so different that it is extremely improbable that the solution will hold in other situations.

It is thus adviseable to take third-party HOWTOs with extreme caution and use them only as input for a local solution. Taking a third-party configuration snippet verbatim is like asking for extreme trouble.

In this FAQ entry, we'll link to third-party HOWTO documents and comment about what we think about their contents.

  • [http://www.lexspoon.org/linux/smtp-relay.html SMTP Relaying Via a Smarthost.] This document shows basic understanding of the concepts in an abstract way, but gives questionable advice in detail.

    • The document gives a truckload of Debian-specific advice and does not say that it is Debian-specific. This suggests that the author does not have too much E-Mail admin experience, and nearly none outside a Debian environment.
    • Why does the document recommend changing our local configuration to use a hardcoded user name instead of the file lookup that we provide?
    • Why does the document recommend having Exim listen on Port 26 instead of using the standardized submission port 587?
    • The author has never heard of swaks and advocates manual debugging
    • The author rants about Debian's exim4 configuration scheme and calls it "confusing". In the same paragraph, he says that he didn't find out how to use a single, hand-crafted exim4.conf file. Considered that it is prominently documented in the README that /etc/exim4/exim4.conf takes absolute preference over all other configurations, it looks to me that the author of this HOWTO did not bother to read our documentation.
  • [http://koivi.com/exim4-config/ Installing and configuring Exim 4 on Debian.] This document gives advice how to configure spamassassin, clamav and some implementation of "virtual domains". Please note that "virtual" is a very overused term and you might think of "virtual domains" as something different than the document's author might think. Additionally, the documentation uses exim's built-in content scanning interface to link to clamav, but uses sa-exim for spamassassin integration. This is double work since exim's built-in content scanning can link to spamassassin as well.