exim4:install_exim4_complete

Differences

This shows you the differences between two versions of the page.

Old revision: exim4:install_exim4_complete [2016/11/08 15:39] peter
New revision: exim4:install_exim4_complete [2020/07/25 17:30] (current) – old revision restored (2016/11/08 11:39) 92.220.10.100
Line 1: Line 1:
 ====== Exim4 - Install Exim4 Complete ====== ====== Exim4 - Install Exim4 Complete ======
  
-Our mail server supports virtual accounts using the MySQL database, SMTP-authentication and secure connection TLS / SSL.+Our mail server supports virtual accounts using the MySQL database (enable set like MySQL, I spoke here ), SMTP-authentication and secure connection TLS / SSL.
  
 To use TLS / SSL create a certificate.  To use TLS / SSL create a certificate. 
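Review bot: the parenthetical added to the first sentence, "(enable set like MySQL, I spoke here )", is not intelligible and points at a "here" that has no link target in the text. Either drop it and keep the removed wording, or replace it with a real link to the MySQL setup page it is meant to reference.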
Line 12: Line 12:
  
 <WRAP alert> <WRAP alert>
-There are less than 9999 days left before the Unix / Linux 32-bit date wrap-around occurs.   +Less than 9999 days exist before the Unix / Linux 32-bit date wrap-around occurs.
- +
-This can result in the days being calculated as a negative date.  It would be safer to use a more meaningful number of days.+
 </WRAP> </WRAP>
- 
-and fill in the following fields with any data you like (as this is purely a self-signed certificate) except for the **Common Name (eg, YOUR name) []** field where you need to enter the name of the server: 
- 
  
 <code bash> <code bash>
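Review bot: the alert loses its reasoning in this hunk. The removed lines explained that the 9999-day validity can be calculated as a negative date on 32-bit systems and recommended a more meaningful number of days; the replacement only states that fewer than 9999 days remain before the wrap-around, so a reader no longer learns what to change or why. Keep the two removed sentences inside the alert. The removed instruction about the Common Name field also sat before the command block, which is where a reader needs it.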
Line 30: Line 25:
 </code> </code>
  
-Our **Common Name** field is:+Fills as your heart desires (because you're not going to pay for the certificate), except for the string **Common Name (eg, YOUR name) []**.  Here you need to enter the name of our server:
  
 <code bash> <code bash>
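Review bot: in the replacement sentence, "because you're not going to pay for the certificate" is less precise than the removed "as this is purely a self-signed certificate", and "Fills as your heart desires" is not an instruction. The requirement that Common Name must be the server name is the one part that matters here; state it directly and keep the self-signed wording.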
Line 36: Line 31:
 </code> </code>
  
-The certificate files are created in the directory **/etc/ssl/certs**.  The file mail.pem, will be used for secure connections to our mail server.   +In the directory **/etc/ssl/certs** appeared certificate file mail.pem, which in the future we will use for the secure connection to our mail server.  We carry on this file two more opertsii
- +
-Set the certificate file permissions:+
  
 <code bash> <code bash>
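Review bot: the added sentence ends in "two more opertsii" (untranslated, and missing its colon) and no longer says what the following commands do. The removed line "Set the certificate file permissions:" told the reader that the block restricts access to mail.pem, which is the point of the step; keep that lead-in.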
Line 45: Line 38:
 </code> </code>
  
-We are done with the certificates.  Now lets move to getting Exim setup.+The certificate is over, now the loans directly to Exim.
  
 For Exim we need a non-privileged user that belongs to the group mail.  Create it. For Exim we need a non-privileged user that belongs to the group mail.  Create it.
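Review bot: the added line "The certificate is over, now the loans directly to Exim." is not readable English. The removed line ("We are done with the certificates. Now lets move to getting Exim setup.") carried the same transition clearly; keep it, with "lets" corrected to "let's".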
Line 52: Line 45:
 pw useradd exim -c "Exim" -d /var/spool/mqueue -s /sbin/nologin -g mail  pw useradd exim -c "Exim" -d /var/spool/mqueue -s /sbin/nologin -g mail 
 exit  exit 
-cat /etc/passwd | grep exim+cat /etc/passwd | grep exim -d /var/spool/mqueue -s /sbin/nologin -g mail  
 +exit  
 +cat /etc/passwd | pw useradd exim -c "Exim" -d /var/spool/mqueue -s /sbin/nologin -g mail  
 +exit  
 +cat /etc/passwd | grep exim  
 +pw useradd exim -c "Exim" -d /var/spool/mqueue -s /sbin/nologin -g mail  
 +exit  
 +cat /etc/passwd | grep exim exim:*:1003:6:Exim:/var/spool/mqueue/:/sbin/nologin mqueue /:/sbin/nologin
 </code> </code>
  
-From the last command we find that your account has exim uid = 1003, and gid = 6.   +The last command we find that your account has exim uid = 1003, and gid = 6.  These data we need in the configuration.
- +
-<WRAP tip> +
-Take a note of the uid and gid as they will be needed later in the configuration. +
-</WRAP>+
  
 Pick the latest version of **Exim** (as of this writing - 4.50) from site www.exim.org.  Do not take the earlier version.  This is due to the fact that, since version 4.50, previously separately existing patch **exiscan-acl** is integrated in the source code. Pick the latest version of **Exim** (as of this writing - 4.50) from site www.exim.org.  Do not take the earlier version.  This is due to the fact that, since version 4.50, previously separately existing patch **exiscan-acl** is integrated in the source code.
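Review bot: the added lines in the code block are not a runnable sequence. "grep exim -d /var/spool/mqueue -s /sbin/nologin -g mail" hands the pw useradd options to grep, "cat /etc/passwd | pw useradd exim ..." pipes the password file into the account-creation command, the useradd / exit / cat sequence is repeated, and the final line fuses the expected output (exim:*:1003:6:Exim:...) onto the grep command. Keep the original three commands and show the passwd entry as separate output. The removed tip to note the uid and gid is also worth keeping, since those values are reused in the configuration.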
Line 74: Line 70:
  
 <code bash> <code bash>
-ee Local/Makefile+ee Local/Makefile
 </code> </code>
  
Line 123: Line 119:
 To find the path to library files and MySQL headers, execute:  To find the path to library files and MySQL headers, execute: 
  
-<code bash> 
-/usr/local/mysql/bin/mysql_config 
-</code> 
- 
-Result 
- 
-<code> 
-Usage: /usr/local/mysql/bin/mysql_config [OPTIONS] 
- Options: 
- --cflags [-I /usr/local/mysql/include/mysql -fomit-frame-pointer] 
- --include [-I /usr/local/mysql/include/mysql] 
- --libs [-L /usr/local/mysql/ lib/mysql -lmysqlclient -lz -lcrypt -lm] 
- --libs_r [-L /usr/local/mysql/lib/mysql -lmysqlclient_r -lz -lcrypt -lm 
-   -lpthread] 
- --socket [/tmp/mysql.sock] 
- --port [3306] 
- --version [4.1.10a] 
- --libmysqld-libs [-L /usr/local/mysql/lib/mysql -lmysqld -lcrypt -lm -lpthread] 
-</code> 
- 
- 
-These values ​​are substituted into the lines below ...  
- 
-<file bash> 
- # LOOKUP_INCLUDE = -I /usr/local/ldap/include -I /usr/local/mysql/include 
- # LOOKUP_LIBS = -L /usr/local/lib -lldap -llber -lmysqlclient -lpq 
- 
-  on  
- 
-  LOOKUP_INCLUDE = -I /usr/local/mysql/include/mysql  
-  LOOKUP_LIBS = -L /usr/local/mysql/lib/mysql -lmysqlclient -lz -lcrypt -lm 
- 
-  EXIM_MONITOR = eximon.bin 
-  on  
- 
-  # EXIM_MONITOR = eximon.bin 
-  Here, we turn off support for Exim Monitor.  
- 
-  For Exim Monitor requires X11, contact is not used.  
- 
-  # WITH_CONTENT_SCAN = yes 
-  on  
- 
-  WITH_CONTENT_SCAN = yes 
- 
-  # WITH_OLD_DEMIME = yes 
-  on  
- 
-  WITH_OLD_DEMIME = yes 
-  Here we include an option that will help Exim work with ClamAV and Spamassassin.  These are the same options that were not available prior to version 4.50.  He saved patch exiscan-acl.  
- 
-  # AUTH_CRAM_MD5 = yes  
-  # AUTH_PLAINTEXT = yes 
-  on  
- 
-  AUTH_CRAM_MD5 = yes  
-  AUTH_PLAINTEXT = yes 
-  Here we include of SMTP-authentication support for PLAIN and CRAM-MD5.  
- 
-  # SUPPORT_TLS = yes 
-  on  
- 
-  SUPPORT_TLS = yes 
-  Here we include TLS / SSL support for secure connection.  
- 
-  # TLS_LIBS = -lssl -lcrypto 
-  on  
- 
-  TLS_LIBS = -lssl -lcrypto 
-  Here we specify the names of libraries for TLS / SSL.  
- 
-  # LOG_FILE_PATH = /var/log/exim_%slog 
-  on  
- 
-  LOG_FILE_PATH = /var/log/exim/exim_%slog 
-  Putting log files to a separate directory.  
- 
-  EXICYCLOG_MAX = 10 
-  on  
- 
-  EXICYCLOG_MAX = 20 
-  Number of saved log files do I increase to 20 in the event debriefing with his superiors: "Where's my letter, which I sent two weeks ago?"  
- 
-  # EXIM_PERL = perl.o 
-  on  
- 
-  EXIM_PERL = perl.o 
-  Here we include support perl, to ensure the use of Perl-compatible regular expressions, etc ...  
- 
-  # CHOWN_COMMAND = /usr/bin/chown 
-  on  
- 
-  CHOWN_COMMAND = /usr/sbin/chown 
-  Here we specify the correct path to the chown command.  
- 
-  # SUPPORT_MOVE_FROZEN_MESSAGES = yes 
-  on  
- 
-  SUPPORT_MOVE_FROZEN_MESSAGES = yes 
-  Here we include support for the automatic movement "frozen" posts of the input directories and directories msglog Finput and Fmsglog main spool.  
-</file> 
- 
- 
-Save the changes.  It remains to compile and install Exim.  
- 
-<code bash> 
-make  
-su  
-make install 
-</code> 
- 
-After the installation is complete, you need to create a symbolic link, this will do the following:  
- 
-<code bash> 
-ln -fs /usr/local/exim/bin/exim /usr/lib/sendmail  
-ln -fs /usr/local/exim/bin/exim /usr/sbin/sendmail  
-ln -fs /usr/local/exim/bin/exim /usr/bin/mailq  
-ln -fs /usr/local/exim/bin/exim /usr/bin/runq  
-</code> 
- 
-After that you want to remove from the object files Exim table name and line number information for this issue:  
- 
-<code bash> 
-strip /usr/local/exim/bin/exim*  
-exit 
-</code> 
- 
-Before configuring Exim, you need to create a database, the user and the appropriate table for this issue:  
- 
-<code bash> 
-/usr/local/mysql/bin/mysql -u myadmin -p  
-</code> 
- 
-Result 
- 
-<code> 
-Welcome to the MySQL monitor.  Commands end with;  or \ g. 
-Your MySQL connection id is 3760 to server version: 4.1.10a-log 
- 
-Type 'help;'  or '\ h' for help.  Type '\ c' to clear the buffer. 
- 
-mysql> 
-</code> 
- 
-Create the database. 
- 
-<code mysql> 
-mysql> CREATE DATABASE exim; 
-mysql> GRANT ALL PRIVILEGES ON exim.* TO sqlmail@localhost 
-    -> IDENTIFIED BY 'my_password' WITH GRANT OPTION; 
-mysql> quit 
-</code> 
- 
-When the database and user created, you need to create the table structure, and enter data about users.  You can do this in the MySQL console, but we will create exim.sql file, which will then create us everything we need.  
- 
-<code bash> 
-ee exim.sql 
-</code> 
- 
-<file bash exim.sql> 
-# Create the aliases table. 
-CREATE TABLE aliases ( 
-  local_part varchar(64) NOT NULL default '', 
-  domain varchar(128) NOT NULL default 'sharewiz.net', 
-  recipients text, 
-  PRIMARY KEY  (local_part,domain) 
-); 
- 
-# Populate the aliases table. 
-INSERT INTO aliases VALUES ('postmaster', 'sharewiz.net', 'admin'); 
-INSERT INTO aliases VALUES ('mailer-daemon', 'sharewiz.net', 'postmaster'); 
-INSERT INTO aliases VALUES ('root', 'sharewiz.net', 'postmaster'); 
-INSERT INTO aliases VALUES ('bin', 'sharewiz.net', 'root'); 
-INSERT INTO aliases VALUES ('daemon', 'sharewiz.net', 'root'); 
-INSERT INTO aliases VALUES ('sync', 'sharewiz.net', 'root'); 
-INSERT INTO aliases VALUES ('mail', 'sharewiz.net', 'root'); 
-INSERT INTO aliases VALUES ('pop', 'sharewiz.net', 'root'); 
-INSERT INTO aliases VALUES ('uucp', 'sharewiz.net', 'root'); 
-INSERT INTO aliases VALUES ('ftp', 'sharewiz.net', 'root'); 
-INSERT INTO aliases VALUES ('nobody', 'sharewiz.net', 'root'); 
-INSERT INTO aliases VALUES ('www', 'sharewiz.net', 'root'); 
-INSERT INTO aliases VALUES ('named', 'sharewiz.net', 'root'); 
-INSERT INTO aliases VALUES ('postgres', 'sharewiz.net', 'root'); 
-INSERT INTO aliases VALUES ('mysql', 'sharewiz.net', 'root'); 
-INSERT INTO aliases VALUES ('squid', 'sharewiz.net', 'root'); 
-INSERT INTO aliases VALUES ('operator', 'sharewiz.net', 'root'); 
-INSERT INTO aliases VALUES ('abuse', 'sharewiz.net', 'root'); 
-INSERT INTO aliases VALUES ('hostmaster', 'sharewiz.net', 'root'); 
-INSERT INTO aliases VALUES ('webmaster', 'sharewiz.net', 'root'); 
- 
-# Create the domains table. 
-CREATE TABLE domains ( 
-  domain varchar(128) NOT NULL default '', 
-  type enum('LOCAL','RELAY','VIRTUAL') default 'LOCAL', 
-  PRIMARY KEY  (domain) 
-); 
- 
-# Populate the domains table. 
-INSERT INTO domains VALUES ('sharewiz.net', 'LOCAL'); 
- 
-# Create the userforward table. 
-CREATE TABLE userforward ( 
-  local_part varchar(64) NOT NULL default '', 
-  domain varchar(128) NOT NULL default '', 
-  recipients text, 
-  PRIMARY KEY  (local_part,domain) 
-); 
- 
-# Create the users table. 
-CREATE TABLE users ( 
-  login varchar(64) NOT NULL default '', 
-  name varchar(128) NOT NULL default '', 
-  password varchar(64) NOT NULL default '', 
-  decrypt varchar(64) NOT NULL default '', 
-  uid int(10) unsigned default '1003', 
-  gid int(10) unsigned default '6', 
-  domain varchar(128) NOT NULL default 'sharewiz.net', 
-  quota tinyint(4) default '0', 
-  status enum('0','1') default '1', 
-  PRIMARY KEY  (login,domain) 
-); 
-</file> 
- 
-Create the tables, data, and the first user. 
- 
-<code mysql> 
-/usr/local/mysql/bin/mysql -u sqlmail -p exim 
-mysql> \. exim.sql 
-mysql> INSERT INTO users (login,name,password,decrypt)  
-    -> VALUES ('admin','John',encrypt('my_password'),'my_password'); 
-mysql> quit 
-</code> 
- 
-It's time now to configure Exim.  Go to the directory where configuration file and do the following: 
- 
-<code bash> 
-cd /usr/local/exim 
-su 
-mv configure configure.default 
-</code> 
- 
-Edit the configuration file. 
- 
-<code bash> 
-ee configure 
-</code> 
- 
-and populate as: 
- 
-<file exim configure> 
-###################################################################### 
-#                  Runtime configuration file for Exim               # 
-###################################################################### 
-####################################################################### 
-#                    MAIN CONFIGURATION SETTINGS                     # 
-###################################################################### 
- 
-primary_hostname = sharewiz.net 
-domainlist local_domains = ${lookup mysql{SELECT domain FROM domains \ 
-                        WHERE domain='${domain}' AND \ 
-                        (type='LOCAL' OR type='VIRTUAL')}} 
-domainlist relay_to_domains = ${lookup mysql{SELECT domain FROM domains \ 
-                        WHERE domain='${domain}' AND type='RELAY'}} 
-hostlist   relay_from_hosts = 127.0.0.1 
-auth_advertise_hosts = * 
-daemon_smtp_ports = 25 : 465 
-tls_on_connect_ports = 465 
-tls_advertise_hosts = * 
-tls_certificate = /etc/ssl/certs/mail.pem 
-tls_privatekey = /etc/ssl/certs/mail.pem 
-log_selector = \ 
-        +all_parents \ 
-        +lost_incoming_connection \ 
-        +received_sender \ 
-        +received_recipients \ 
-        +smtp_confirmation \ 
-        +smtp_syntax_error \ 
-        +smtp_protocol_error \ 
-        -queue_run 
-acl_smtp_rcpt = acl_check_rcpt 
-acl_smtp_mime = acl_check_mime 
-qualify_domain = sharewiz.net 
-allow_domain_literals = false 
-never_users = root 
-host_lookup = * 
-rfc1413_hosts = * 
-rfc1413_query_timeout = 0s 
-ignore_bounce_errors_after = 30m 
-timeout_frozen_after = 3d 
-freeze_tell = postmaster 
-message_size_limit = 10M 
-smtp_accept_max = 100 
-smtp_accept_max_per_connection = 5 
-smtp_accept_max_per_host = 2 
-split_spool_directory = true 
-remote_max_parallel = 15 
-smtp_banner = "Welcome on our mail server!\n\ 
-    This system does not accept Unsolicited \ 
-    Commercial Email\nand will blacklist \ 
-    offenders via our spam processor.\nHave a \ 
-    nice day!\n\n${primary_hostname} ESMTP" 
- 
-hide mysql_servers = localhost/exim/sqlmail/my_password 
- 
-###################################################################### 
-#                       ACL CONFIGURATION                            # 
-#         Specifies access control lists for incoming SMTP mail      # 
-###################################################################### 
-begin acl 
- 
-acl_check_rcpt: 
- 
-  accept  hosts = : 
- 
-  deny    domains       = +local_domains 
-          local_parts   = ^[.] : ^.*[@%!/|] 
- 
-  deny    domains       = !+local_domains 
-          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ 
- 
-  accept  local_parts   = postmaster 
-          domains       = +local_domains 
- 
-  require verify        = sender 
- 
-  deny    message       = HELO/EHLO required by SMTP RFC 
-          condition     = ${if eq{$sender_helo_name}{}{yes}{no}} 
- 
-  deny    message       = Go Away! You are spammer. 
-          condition     = ${if match{$sender_host_name} \ 
-                          {bezeqint\\.net|net\\.il|dialup|dsl|pool|peer|dhcp} \ 
-                          {yes}{no}} 
- 
-  deny    message       = rejected because \ 
-  $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text 
-          log_message   = found in $dnslist_domain 
-          dnslists      = relays.ordb.org 
-  deny    message       = message from \ 
-  $sender_host_address rejected - see http://njabl.org/ 
-          log_message   = found in $dnslist_domain 
-          dnslists      = dnsbl.njabl.org 
-  deny    message       = rejected because \ 
-  $sender_host_address for bad WHOIS info, see http://www.rfc-ignorant.org/ 
-          log_message   = found in $dnslist_domain 
-          dnslists      = ipwhois.rfc-ignorant.org 
-  deny    message       = rejected because $sender_host_address \ 
-  is in a black list at $dnslist_domain\n$dnslist_text 
-          log_message   = found in $dnslist_domain 
-          dnslists      = dialups.mail-abuse.org 
-  deny    message       = rejected because $sender_host_address \ 
-  is in a black list at $dnslist_domain\n$dnslist_text 
-          log_message   = found in $dnslist_domain 
-          dnslists      = list.dsbl.org 
-  deny    message       = Spam blocked see: \ 
-  http://www.spamcop.net/w3m?action=checkblock&ip=$sender_host_address 
-          log_message   = found in $dnslist_domain 
-          dnslists      = bl.spamcop.net 
-  deny    message       = rejected, $sender_host_address \ 
-  Open Proxy, see: $dnslist_domain\n$dnslist_text 
-          log_message   = found in $dnslist_domain 
-          dnslists      = dnsbl.void.ru 
- 
-  accept  domains       = +local_domains 
-          endpass 
-          message       = unknown user 
-          verify        = recipient 
- 
-  accept  domains       = +relay_to_domains 
-          endpass 
-          message       = unrouteable address 
-          verify        = recipient 
- 
-  accept  hosts         = +relay_from_hosts 
-  accept  authenticated = * 
-  deny    message       = relay not permitted 
- 
-acl_check_mime: 
- 
-  warn decode = default 
- 
-  deny message = Blacklisted file extension detected ($mime_filename) 
-       condition = ${if match \ 
-                    {${lc:$mime_filename}} \ 
-                    {\N(\.exe|\.pif|\.bat|\.scr|\.lnk|\.com|\.vbs|\.cpl)$\N} \ 
-                    {1}{0}} 
- 
-  deny message = Sorry, noone speaks chinese here 
-       condition = ${if eq{$mime_charset}{gb2312}{1}{0}} 
- 
-accept 
- 
-###################################################################### 
-#                      ROUTERS CONFIGURATION                         # 
-#               Specifies how addresses are handled                  # 
-###################################################################### 
-#     THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT!       # 
-# An address is passed to each router in turn until it is accepted.  # 
-###################################################################### 
- 
-begin routers 
- 
-dnslookup: 
-  driver = dnslookup 
-  domains = ! +local_domains 
-  transport = remote_smtp 
-  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 
-  no_more 
- 
-system_aliases: 
-  driver = redirect 
-  allow_fail 
-  allow_defer 
-  data = ${lookup mysql{SELECT recipients FROM aliases \ 
-         WHERE local_part='${local_part}' AND domain='${domain}'}} 
- 
-userforward: 
-  driver = redirect 
-  allow_fail 
-  allow_defer 
-  data = ${lookup mysql{SELECT recipients FROM userforward \ 
-         WHERE local_part='${local_part}' AND domain='${domain}'}} 
- 
-virtual_localuser: 
-  driver = accept 
-  domains = ${lookup mysql{SELECT domain from domains WHERE domain='${domain}'}} 
-  local_parts = ${lookup mysql{SELECT login from users \ 
-                WHERE login='${local_part}' AND domain='${domain}'}} 
-  transport = local_delivery 
- 
-###################################################################### 
-#                      TRANSPORTS CONFIGURATION                      # 
-###################################################################### 
-#                       ORDER DOES NOT MATTER                        # 
-#     Only one appropriate transport is called for each delivery.    # 
-###################################################################### 
- 
-begin transports 
- 
-remote_smtp: 
-  driver = smtp 
- 
-local_delivery: 
-  driver = appendfile 
-  check_string = "" 
-  create_directory 
-  delivery_date_add 
-  directory = /var/mail/$domain/$local_part 
-  directory_mode = 770 
-  envelope_to_add 
-  group = mail 
-  maildir_format 
-  maildir_tag = ,S=$message_size 
-  message_prefix = "" 
-  message_suffix = "" 
-  mode = 0660 
-  quota = ${lookup mysql{SELECT quota FROM users \ 
-          WHERE login='${local_part}' AND domain='${domain}'}{${value}M}} 
-  quota_size_regex = S=(\d+)$ 
-  quota_warn_threshold = 75% 
-  return_path_add 
- 
- address_pipe: 
-  driver = pipe 
-  return_output 
- 
-address_file: 
-  driver = appendfile 
-  delivery_date_add 
-  envelope_to_add 
-  return_path_add 
- 
-address_reply: 
-  driver = autoreply 
- 
-###################################################################### 
-#                      RETRY CONFIGURATION                           # 
-###################################################################### 
- 
-begin retry 
- 
-*                      quota 
-*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h 
- 
- 
-###################################################################### 
-#                      REWRITE CONFIGURATION                         # 
-###################################################################### 
- 
-begin rewrite 
- 
-###################################################################### 
-#                   AUTHENTICATION CONFIGURATION                     # 
-###################################################################### 
- 
-begin authenticators 
- 
-auth_plain: 
-  driver = plaintext 
-  public_name = PLAIN 
-  server_condition = ${lookup mysql{SELECT login FROM users \ 
-                        WHERE login = '${quote_mysql:${local_part:$2}}' \ 
-                        AND domain = '${quote_mysql:${domain:$2}}' \ 
-                        AND decrypt = '${quote_mysql:$3}' \ 
-                        AND status = '1'}{yes}{no}} 
-  server_prompts = : 
-server_set_id = $2 
- 
-auth_login: 
-  driver = plaintext 
-  public_name = LOGIN 
-  server_condition = ${lookup mysql{SELECT login FROM users \ 
-                        WHERE login = '${quote_mysql:${local_part:$1}}' \ 
-                        AND domain = '${quote_mysql:${domain:$1}}' \ 
-                        AND decrypt = '${quote_mysql:$2}' \ 
-                        AND status = '1'}{yes}{no}} 
-  server_prompts = Username:: : Password:: 
-server_set_id = $1 
- 
-auth_cram_md5: 
-  driver = cram_md5 
-  public_name = CRAM-MD5 
-  server_secret = ${lookup mysql{SELECT decrypt FROM users \ 
-                        WHERE login = '${quote_mysql:${local_part:$1}}' \ 
-                        AND domain = '${quote_mysql:${domain:$1}}' \ 
-                        AND status = '1'}{$value}fail} 
-server_set_id = $1 
- 
-# End of Exim configuration file 
-</file> 
- 
- 
-Create a directory for the log files and deal with the rights to it in the directory where we will develop a post office, and the spool-directory.  
- 
-<code bash> 
-mkdir /var/log/exim 
-chown -R exim:mail /var/log/exim /var/mail /var/spool/mqueue 
-</code> 
- 
-Create a script that will run our mail server at system startup. 
- 
-<code bash> 
-ee /usr/local/etc/rc.d/exim.sh 
-</code> 
- 
-as 
- 
-<file bash exim.sh> 
-#!/bin/sh 
-### file exim.sh ### 
-case "$1" in 
-  start) 
-    echo "Starting Exim..." 
-    /usr/local/exim/bin/exim -bd -q15m 
-    ;; 
-  stop) 
-    echo "Stopping Exim..." 
-    kill -TERM `cat /var/spool/mqueue/exim-daemon.pid` 
-    ;; 
-  restart) 
-      $0 stop 
-   sleep 2 
-      $0 start 
-      ;; 
-  reload) 
-    echo "Exim reloading..." 
-    kill -HUP `cat /var/spool/mqueue/exim-daemon.pid` 
-    ;; 
-  *) 
-    echo "Usage: $0 {start|stop|restart|reload}" 
-    exit 1 
-    ;; 
-esac 
-</file> 
- 
-and make it executable 
- 
-<code bash> 
-chmod +x /usr/local/etc/rc.d/exim.sh 
-</code> 
- 
-Validate the syntax of the configuration file /usr/local/exim/configure. 
- 
-<code bash> 
-/usr/local/exim/bin/exim -bV 
-</code> 
- 
-Result 
- 
-<code> 
-Exim version 4.50 #1 built 02-Apr-2005 19:12:40 
-Copyright (c) University of Cambridge 2004 
-Probably Berkeley DB version 1.8x (native mode) 
-Support for: Perl OpenSSL Content_Scanning Old_Demime 
-Lookups: lsearch wildlsearch nwildlsearch iplsearch dbm dbmnz mysql 
-Authenticators: cram_md5 plaintext 
-Routers: accept dnslookup ipliteral manualroute queryprogram redirect 
-Transports: appendfile/maildir autoreply pipe smtp 
-Fixed never_users: 0 
-Configuration file is /usr/local/exim/configure 
-</code> 
- 
- 
-If no errors are found, go on ... Now we need to check whether you will be recognition of messages for local users, for this issue: 
- 
-<code bash> 
-/usr/local/exim/bin/exim -bt postmaster 
-</code> 
- 
-Result 
- 
-<code> 
-admin@sharewiz.net 
-    <-- postmaster@sharewiz.net 
-  router = virtual_localuser, transport = local_delivery 
-</code>   
- 
-If no errors are found, go on ... Now we need to check whether you will be recognition of messages to external users, for this issue:  
- 
-<code bash> 
-/usr/local/exim/bin/exim -bt someuser@msn.com 
-</code> 
- 
-Result 
- 
-<code> 
-someuser@msn.com 
-  router = dnslookup, transport = remote_smtp 
-  host mx1.hotmail.com [65.54.166.99]  MX=5 
-  host mx1.hotmail.com [65.54.252.99]  MX=5 
-  host mx1.hotmail.com [64.4.50.99]    MX=5 
-  host mx1.hotmail.com [64.4.50.50]    MX=5 
-  host mx4.hotmail.com [65.54.190.230] MX=5 
-  host mx4.hotmail.com [65.54.190.179] MX=5 
-  host mx4.hotmail.com [65.54.167.230] MX=5 
-  host mx4.hotmail.com [65.54.253.230] MX=5 
-  host mx3.hotmail.com [65.54.253.99]  MX=5 
-  host mx3.hotmail.com [65.54.167.5]   MX=5 
-  host mx3.hotmail.com [64.4.50.239]   MX=5 
-  host mx3.hotmail.com [64.4.50.179]   MX=5 
-  host mx2.hotmail.com [65.54.190.50]  MX=5 
-  host mx2.hotmail.com [65.54.190.7]   MX=5 
-  host mx2.hotmail.com [65.54.252.230] MX=5 
-  host mx2.hotmail.com [65.54.166.230] MX=5 
-</code> 
- 
-If no errors are found, go on ... Now we need to check whether you will be the delivery of messages to local users, for this issue:  
- 
-<code bash> 
-/usr/local/exim/bin/exim -v postmaster@sharewiz.net 
-From: admin@sharewiz.net 
-To: postmaster@sharewiz.net 
-Subject: Testing Exim 
- 
-This is a test message. 
-^D 
-</code> 
- 
-Result 
- 
-<code> 
-LOG: MAIN 
-  <= root@sharewiz.net U=root P=local S=325 
-# delivering 1DOs2P-000HAY-0E 
-LOG: MAIN 
-  => admin  R=virtual_localuser T=local_delivery 
-LOG: MAIN 
-  Completed 
-</code> 
- 
-Press <CTRL-C> 
- 
-If no errors are found, go on ... Now we need to check whether you will be delivering messages to external users, for this issue:  
- 
- 
-<code bash> 
-exim -v someuser@msn.com  
-From: admin@sharewiz.net 
-To: someuser@msn.com 
-Subject: Testing Exim 
- 
-This is a test message. 
-^D 
-</code> 
- 
-Result 
- 
-<code> 
-LOG: MAIN 
-  <= root@sharewiz.net U=root P=local S=303 
-# LOG: MAIN 
-  => someuser  R=dnslookup T=remote_smtp 
-LOG: MAIN 
-  Completed 
-</code> 
- 
-Press <CTRL-C> 
- 
-At this stage, we are convinced that Exim is correctly configured and working, now it is necessary to check the SMTP authentication, but before us be editing.  SMTP authentication is necessary when sending us soobschny with virtual host (if you have any) or when the user is outside the office, send mail through your account.  I do not use authentication for intranet.  Therefore, change in the file /usr/local/exim/configure line  
- 
-<file exim> 
-hostlist   relay_from_hosts = 127.0.0.1 
-на 
- 
-hostlist   relay_from_hosts = 127.0.0.1 : 192.168.10.0/24 
-</file> 
- 
-Run Exim, by typing:  
- 
-<code bash> 
-/usr/local/etc/rc.d/exim.sh start 
-</code> 
- 
-To verify authentication, we need the converter, install it from ports:  
- 
-<code bash> 
-cd /usr/ports/converters/mmencode 
-# make install 
-# exit 
-</code> 
- 
-Form a line PLAIN authentication (Netscape), for this issue:  
- 
-Encode the login. 
- 
-<code bash> 
-printf 'admin@sharewiz.net\0admin@sharewiz.net\0my_password' | mmencode 
-</code> 
- 
-Shows 
- 
-<code> 
-YWRtaW5AbXlkb21haW4ucnUAYWRtaW5AbXlkb21haW4ucnUAbXlfcGFzc3dvcmQ= 
-</code> 
- 
-Now 
- 
-<code bash> 
-telnet localhost 25 
-</code> 
- 
-Result 
- 
-<code> 
-Trying ::1... 
-telnet: connect to address ::1: Connection refused 
-Trying 127.0.0.1... 
-Connected to localhost.net. 
-Escape character is '^]'. 
-220-Welcome on our mail server! 
-220-This system does not accept Unsolicited Commercial Email 
-220-and will blacklist offenders via our spam processor. 
-220-Have a nice day! 
-220- 
-220 sharewiz.net ESMTP 
-</code> 
- 
-Then ehlo. 
- 
-<code bash> 
-ehlo localhost 
-</code> 
- 
-Result 
- 
-<code> 
-250-sharewiz.net Hello localhost.net [127.0.0.1] 
-250-SIZE 10485760 
-250-PIPELINING 
-250-AUTH PLAIN LOGIN CRAM-MD5 
-250 HELP 
-</code> 
- 
- 
-Then  
- 
-<code bash> 
-auth plain 
-</code> 
- 
-Result 
- 
-<code> 
-334 
-</code> 
- 
-Then 
- 
-<code> 
-YWRtaW5AbXlkb21haW4ucnUAYWRtaW5AbXlkb21haW4ucnUAbXlfcGFzc3dvcmQ= 
-</code> 
- 
-Result 
- 
-<code> 
-235 Authentication succeeded  
-</code> 
- 
- 
-Then 
- 
-<code bash> 
-quit 
-</code> 
- 
-Result 
- 
-<code> 
-221 sharewiz.net closing connection 
-Connection closed by foreign host. 
-</code> 
- 
-The example shows that everything went well, if you have a different result, then again carefully read and look for the error ...  
-So, go ahead, forming a string LOGIN authentication (Outlook), for this issue:  
- 
-Base64 encode the login. 
- 
-<code bash> 
-echo -n admin@sharewiz.net | mimencode -b 
-</code> 
- 
-Result 
- 
-<code> 
-YWRtaW5AbXlkb21haW4ucnU= 
-</code> 
- 
-Base64 encode the password. 
- 
-<code bash> 
-echo -n my_passowrd | mimencode -b 
-</code> 
- 
-Result 
- 
-<code> 
-bXlfcGFzc293cmQ= 
-</code> 
- 
-Then 
- 
-<code bash> 
-telnet localhost 25 
-</code> 
- 
-Result 
- 
-<code> 
-Trying ::1... 
-telnet: connect to address ::1: Connection refused 
-Trying 127.0.0.1... 
-Connected to localhost.net. 
-Escape character is '^]'. 
-220-Welcome on our mail server! 
-220-This system does not accept Unsolicited Commercial Email 
-220-and will blacklist offenders via our spam processor. 
-220-Have a nice day! 
-220- 
-220 sharewiz.net ESMTP 
-</code> 
- 
-Then 
- 
-<code bash> 
-ehlo localhost 
-</code> 
- 
-Result 
- 
-<code> 
-250-sharewiz.net Hello localhost.net [127.0.0.1] 
-250-SIZE 10485760 
-250-PIPELINING 
-250-AUTH PLAIN LOGIN CRAM-MD5 
-250 HELP 
-</code> 
- 
-Then enter: 
- 
-<code bash> 
-auth login 
-</code> 
- 
-You will be asked for the username.  This will show: 
- 
-<code> 
-334 VXNlcm5hbWU6 
-</code> 
- 
-<WRAP info> 
-VXNlcm5hbWU6 is Base64 encoding to Username:. 
-</WRAP> 
- 
-Enter the Base64 encoded username which was established earlier. 
- 
-<code> 
-YWRtaW5AbXlkb21haW4ucnU= 
-</code> 
- 
-You will be asked for the password.  This will show: 
- 
-<code> 
-334 UGFzc3dvcmQ6 
-</code> 
- 
-<WRAP info> 
-UGFzc3dvcmQ6 is Base64 encoding to Password:. 
-</WRAP> 
- 
-Enter the Base64 encoded password which was established earlier. 
- 
-<code> 
-bXlfcGFzc293cmQ= 
-</code> 
- 
-Result 
- 
-<code> 
-235 Authentication succeeded  
-</code> 
- 
-Now quit. 
- 
-<code bash> 
-quit 
-</code> 
- 
-Displays: 
- 
-<code> 
-221 mydomain.ru closing connection 
-Connection closed by foreign host. 
-</code> 
- 
-The example shows that everything went well, if you have a different result, then again carefully read and look for the error ...  
- 
-Go ahead, check the CRAM-MD5 authentication.  
- 
-Next I'll provide the full text set out in the article the Ginger, because  described process of the lengths and laborious.  But you can pass it if desired.  I did a simple way.  Launched, In the box in the properties section of transport in the settings to send mail ticked SMTP Authentication (RFC-2554) and sent a letter.  Check you can send, and then logs in Exim.  
- 
-<code bash> 
-telnet localhost 25 
-Trying 127.0.0.1... 
-Connected to localhost.localdomain. 
-Escape character is '^]'. 
-220 smtp.sharewiz.net ESMTP Exim 4.20 Fri, 05 Sep 2003 14:09:15 +0400 
-ehlo localhost 
-250-smtp.sharewiz.net Hello localhost.localdomain [127.0.0.1] 
-250-SIZE 10485760 
-250-PIPELINING 
-250-AUTH PLAIN LOGIN CRAM-MD5 
-250 HELP 
-auth cram-md5 
-334 PDI2NDAyLjEwNTY2MTE1NTVAc210cC5leGFtcGxlLnJ1Pg== 
-Z2luZ2VyQGV4YW1wbGUucnUgYjllN2Q1OTUxMGMxNjE0YzIwYjU4N2JkNmFkODk2MDI= 
-235 Authentication succeeded 
-quit 
-221 smtp.sharewiz.net closing connection 
-Connection closed by foreign host. 
-</code> 
- 
-The example shows that everything went well, if you have a different result, then again carefully read and look for the error ...  
- 
-So, I will describe their actions ... After the team auth cram-md5 was done, there was a kind of line:  
- 
-<code> 
-334 PDI2NDAyLjEwNTY2MTE1NTVAc210cC5leGFtcGxlLnJ1Pg== 
-</code> 
- 
-After that we have to do the following:  
- 
-<code bash> 
-perl -MMIME::Base64 -e 'print MIME::Base64::decode_base64(shift), "\n"' \ 
-PDI2NDAyLjEwNTY2MTE1NTVAc210cC5leGFtcGxlLnJ1Pg== 
-</code> 
- 
-Result 
- 
-<code> 
-<26402.1056611555@smtp.example.ru> 
-</code> 
- 
-Then run:  
- 
-<code bash> 
-perl -MMIME::Base64 -MDigest::HMAC_MD5 -e \ 
-'print MIME::Base64::encode_base64($ARGV[0] . " " . \ 
-Digest::HMAC_MD5::hmac_md5_hex($ARGV[2], $ARGV[1]))' \ 
-'ginger@example.ru' 'my-secret-pass' '<26402.1056611555@smtp.sharewiz.net>' 
-</code> 
- 
-Result 
- 
-<code> 
-Z2luZ2VyQGV4YW1wbGUucnUgYjllN2Q1OTUxMGMxNjE0YzIwYjU4N2JkNmFkODk2MDI= 
-</code> 
- 
- 
-The result is a string of interest to us.  
- 
-Verify a secure connection TLS / SSL  
- 
-<code bash> 
-openssl 
-OpenSSL> s_client -host localhost -port 465 
-</code> 
- 
-Result 
- 
-<code> 
-CONNECTED(00000003) 
-depth=0 /C=RU/ST=RU/L=Stavropol/O=Example/CN=sharewiz.net/emailAddress=postmaster 
-@sharewiz.net 
-verify error:num=18:self signed certificate 
-verify return:1 
-depth=0 /C=RU/ST=RU/L=Stavropol/O=Example/CN=sharewiz.net/emailAddress=postmaster 
-@sharewiz.net 
-verify return:1 
---- 
-Certificate chain 
- 0 s:/C=RU/ST=RU/L=Stavropol/O=Example/CN=sharewiz.net/emailAddress=postmaster@sharewiz.net 
-   i:/C=RU/ST=RU/L=Stavropol/O=Example/CN=sharewiz.net/emailAddress=postmaster@sharewiz.net 
---- 
-Server certificate 
------BEGIN CERTIFICATE----- 
-MIIEADCCA2mgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCUlUx 
-MDYxNTQ5MzhaMIG3MQswCQYDVQQGEwJSVTEcMBoGA1UECBMTU3RhdnJvcG9sIFRl 
-bDE3MDUGA1UEChQuRWRpdG9yaWFsIG9mIE5ld3NwYXBlciAiU3RhdnJvcG9sc2th 
-eWEgUHJhdmRhIjEVMBMGA1UEAxMMc3RhcHJhdmRhLnJ1MSYwJAYJKoZIhvcNAQkB 
-Fhdwb3N0bWFzdGVyQHN0YXByYXZkYS5ydTAeFw0wNTA0MjIxNTQ5MzhaFw0zMjA5 
-MDYxNTQ5MzhaMIG3MQswCQYDVQQGEwJSVTEcMBoGA1UECBMTU3RhdnJvcG9sIFRl 
-cnJpdG9yeTESMBAGA1UEBxMJU3RhdnJvcG9sMTcwNQYDVQQKFC5FZGl0b3JpYWwg 
-b2YgTmV3c3BhcGVyICJTdGF2cm9wb2xza2F5YSBQcmF2ZGEiMRUwEwYDVQQDEwxz 
-MDYxNTQ5MzhaMIG3MQswCQYDVQQGEwJSVTEcMBoGA1UECBMTU3RhdnJvcG9sIFRl 
-LnJ1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNFT87/U4Y/isxCQR2aD0n 
-LgJ9DvOwWBFs72R1ciYvOUOQVWGAhMCeGjVkiPtysjFtRRdgKjGvKrKmx9C3pH3w 
-ZN5fXFcZBqUtiLzQ0VKcdw3utAvRM4gzICSlktpjPtxfoYYSC4CUHA1/0+WDC7HO 
-HVyM7oBL+pRZyQT0A/8k7QIDAQABo4IBGDCCARQwHQYDVR0OBBYEFIVHLfnzpOO5 
-ub9oTTvksXmf9F7gMIHkBgNVHSMEgdwwgdmAFIVHLfnzpOO5ub9oTTvksXmf9F7g 
-oYG9pIG6MIG3MQswCQYDVQQGEwJSVTEcMBoGA1UECBMTU3RhdnJvcG9sIFRlcnJp 
-dG9yeTESMBAGA1UEBxMJU3RhdnJvcG9sMTcwNQYDVQQKFC5FZGl0b3JpYWwgb2Yg 
-HVyM7oBL+pRZyQT0A/8k7QIDAQABo4IBGDCCARQwHQYDVR0OBBYEFIVHLfnzpOO5 
-MDYxNTQ5MzhaMIG3MQswCQYDVQQGEwJSVTEcMBoGA1UECBMTU3RhdnJvcG9sIFRl 
-ggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAA4EghSwza0gbNcik 
-HVyM7oBL+pRZyQT0A/8k7QIDAQABo4IBGDCCARQwHQYDVR0OBBYEFIVHLfnzpOO5 
-eWEyOMmOGQbx/++XLU35CFrdiqEwdZTVfZscoefyhp9shsG1Dw8zbVK+im7wmmA1 
-zokwLdwUQZGVBRTefUivYOSOJ9c= 
------END CERTIFICATE----- 
-subject=/C=RU/ST=RU/L=Stavropol/O=Example/CN=mydomain.ru/emailAddress=postmaster 
-@sharewiz.net 
-issuer=/C=RU/ST=RU/L=Stavropol/O=Example/CN=mydomain.ru/emailAddress=postmaster@ 
-sharewiz.net 
---- 
-No client certificate CA names sent 
---- 
-SSL handshake has read 1190 bytes and written 340 bytes 
---- 
-New, TLSv1/SSLv3, Cipher is AES256-SHA 
-Server public key is 1024 bit 
-SSL-Session: 
-    Protocol  : TLSv1 
-    Cipher    : AES256-SHA 
-    Session-ID: FF415922B742484BA13B84FAD575C528B3549B742484BA13AB1393C4AB3D8010 
- 
-    Session-ID-ctx: 
-    Master-Key: 8A39B36BFDB180ED55F829DBC420D675F0ECAF1B07FBBED3A1632A3AA8ECCE96 
-4CAACF8CDAE5F829DBC420D3F5AE9BA8 
-    Key-Arg   : None 
-    Start Time: 1114190806 
-    Timeout   : 300 (sec) 
-    Verify return code: 18 (self signed certificate) 
---- 
-220-Welcome on our mail server! 
-220-This system does not accept Unsolicited Commercial Email 
-220-and will blacklist offenders via our spam processor. 
-220-Have a nice day! 
-220- 
-220 sharewiz.net ESMTP 
-</code> 
- 
-Further checks can be made on the above analogy, but the point? And so we see that all OK!  
- 
-<code> 
-quit 
-OpenSSL> quit 
-</code> 
- 
-The final step, we will configure log rotation, so that they have not grown up to infinity.  
- 
-<code> 
-su 
-crontab -e -u exim 
-</code> 
- 
-Here you can expect trouble, if you have not yet met with the editor vi . I'll help a little bit, but in the future - teach materiel. 
- 
-Press i and type the following line: 
- 
-<file> 
-@daily /usr/local/exim/bin/exicyclog 
-</file> 
- 
-After entering the line does not click ENTER, and ESC. Now, press a sequence of : wq . Thus, you save the changes and get out of the editor. Now our logs will be updated every day at midnight. 
- 
-That's all.This installation and configuration of Exim can be considered fully complete. 
- 
-Now our server can send and receive mail. But this post to deliver to the end user? This story goes on. 
- 
- 
-===== References ===== 
- 
-http://docstore.mik.ua/manuals/ru/exit_setup/exim.html 
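
Review bot: The CRAM-MD5 walkthrough in these removed lines feeds the HMAC command a different challenge than the one the server sent, so whichever revision keeps this section should be checked for the same mismatch. The 334 line decodes to "<26402.1056611555@smtp.example.ru>", but the perl command is given '<26402.1056611555@smtp.sharewiz.net>'. The digest has to be computed over the exact decoded challenge, so a reader who copies the command as written will not reproduce the response the transcript shows being accepted. The command should take the decoded string verbatim. Two smaller points in the same hunk. The AUTH LOGIN test runs over plain telnet to port 25, and the notes saying that VXNlcm5hbWU6 and UGFzc3dvcmQ6 are Base64 for the prompts would be clearer if they also said the credentials that follow are only encoded, not protected. The s_client sample shows "Protocol  : TLSv1" and "Server public key is 1024 bit", and its subject/issuer lines use CN=mydomain.ru while the certificate chain above them uses CN=sharewiz.net, so the sample output should be regenerated from one consistent host before it is documented as the expected result.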
exim4/install_exim4_complete.1478619547.txt.gz · Last modified: 2020/07/15 10:30 (external edit)
