Best distro for Exim/Cyrus

Vladislav Kurz vladislav.kurz at webstep.net
Tue Feb 11 03:56:54 EST 2014 

On Monday 10 of February 2014 23:13:42 Paul O'Rorke wrote:
> Hi again Cyrus list,
> 
> still trying to find a definitive resource to use to get this mail
> server up and running.  Does anyone know of a good howto for setting up
> Debian/Exim/Cyrus?  I think this is the combination I want to move from
> the Centos/Exim/Dovecote box I inherited but I must confess to really
> struggling here.

Here are the most important snippets of my Debian/exim/cyrus config for sasldb 
authentication, exim split config. Based on squeeze, so be careful there might 
be small changes in wheezy. Changes noted as a diff file.

/etc/exim4/conf.d/main/00_exim4-config_localmacros: (new file)

+ LOCAL_DELIVERY = cyrus_delivery

/etc/exim4/conf.d/acl/30_exim4-config_check_rcpt:

  # Insist that any other recipient address that we accept is either in one of
  # our local domains, or is in a domain for which we explicitly allow
  # relaying. Any other domain is rejected as being unacceptable for relaying.
  require
    message = relay not permitted
    domains = +local_domains : +relay_to_domains
 
 
  # We also require all accepted addresses to be verifiable. This check will
  # do local part verification for both local and remote domains.
  # Callout is needed to do the check via LMTP. 
  # This is important to avoid backscatter bounces.
  # If you act as backup MX, you might need to adjust.
  require
-   verify = recipient
+   verify = recipient/callout
 
/etc/exim4/conf.d/router/900_exim4-config_local_user:

  # There are no local users in /etc/passwd. Check is done by callout in ACL.
  # Also there is no harm in having a mailbox named root.
  local_user:
    debug_print = "R: local_user for $local_part@$domain"
    driver = accept
    domains = +local_domains
-   check_local_user
-   local_parts = ! root
    transport = LOCAL_DELIVERY
    cannot_route_message = Unknown user

/etc/exim4/conf.d/transport/30_exim4-config_cyrus_delivery:

+ # LMTP over TCP/IP, allows callout verification, needs `lmtpd -a`
+ cyrus_delivery:
+   driver        = smtp
+   protocol      = lmtp
+   hosts         = 127.0.0.1
+   allow_localhost

/etc/exim4/conf.d/auth/30_exim4-config_examples

Uncomment all examples where driver = cyrus_sasl. Set server realm to full 
hostname, or check what is behind @ in sasldblistusers2. NTLM and MD5 
authentication can be allowd even over unencrypted connections.

/etc/imapd.conf

sasl_pwcheck_method: auxprop
sasl_auxprop_plugin: sasldb

/etc/cyrus.conf

lmtp          cmd="lmtpd -a" listen="localhost:lmtp" prefork=0 maxchild=20
#lmtpunix     cmd="lmtpd" listen="/var/run/cyrus/socket/lmtp" prefork=0 ... 

/etc/services

lmtp            24/tcp

--- eof ---

I have omitted lots of other changes I do to exim config, as they are not 
related to exim-cyrus integration.

-- 
Best Regards
        Vladislav Kurz

=== WebStep, s.r.o. (Ltd.) ========= a step to the Web ===
address: Mezirka 1, 602 00 Brno, CZ, tel: +420 548 214 711
=== www.webstep.net ======= vladislav.kurz at webstep.net ===

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20140211/7ea7c0b4/attachment-0001.html

More information about the Info-cyrus mailing list