apt-get install exim4) and configuring (
dpkg-reconfigure exim4-config) the server. I decided not to split the configuration into multiple files within the
/etc/exim4/conf.d directory, so the single config file
/etc/exim4/exim4.conf.template is used instead! The default configuration seems to listen on port 25 only. Adding the lines
daemon_smtp_ports = 25 : 465 : 587 tls_on_connect_ports = 465
enables the TCP ports 465 and 587 as well, some mail programs need it this way.
In a subsequent step, the mail server is configured for TLS. A self signed certificate is generated by executing
MAIN_TLS_ENABLE = yes in the TLS section of
/etc/exim4/exim4.conf.template enables it. In the same file, the sections with
login_saslauthd_server need to be uncommented.
Allowed email users are added to
/usr/share/doc/exim4-base/examples/exim-adduser. The password file
/etc/exmin4/passwd should be protected:
chown root:Debian-exim /etc/exim4/passwdfollowed by
chmod 640 /etc/exim4/passwd. For each of these users a home directory is needed to deliver the mail (calling
adduser <name> on Ubuntu).
Configuring SASL by installing it (
apt-get install sasl2-bin) and editing
exim4 needs to be a member in the
adduser Debian-exim sasl. The server needs a restart:
systemctl restart saslauthd.
At the end, updating (
update-exim4.conf) and restarting (
systemctl restart exim4) might be a good idea. The update converts the config template and auto-generates the configuration to
/var/lib/exim4/config.autogenerated where it is read by exim4 itself.
exim4 to work, the firewall should open TCP ports 25 and 587 (SSL).