Exim4 Send Only Mailserver
Exim4 is a lightweight mail transfer agent that is easy to set up and configure.
These instructions focus on Ubuntu 14.04 Server.
Setting up a send-only mailserver on Ubuntu is relatively straightforward. The tricky bit is ensuring that mail sent by the server is not labelled as spam.
Exim4 Installation
- Upgrade system:
sudo apt-get update && sudo apt-get -y upgrade
- Install Exim4 and dependencies:
sudo apt-get -y install exim4
- Run the config script:
sudo dpkg-reconfigure exim4-config
Exim4 Configuration
Make selections with arrow keys - select “Ok” with tab key
- Select: ‘internet site; mail is sent and received directly using SMTP’
- Enter FQDN:
hostname.yourdomain.com
- SMTP Listener: enter
127.0.0.1
or127.0.0.1; ::1
(for IPv6 support) - Mail destinations - list FQDN, local hostname,
localhost.localdomain
,localhost
(see NOTE below) - Relay Options: Leave blank - hit tab to highlight “Ok”, then enter
- Follow up Screen to Relay Options: Leave blank, hit “Ok”
- DNS Queries: Keep DNS queries to a minimum? select “No”
- Delivery method: Select “Maildir format in home directory”
- Choose default unsplit config file by entering “No”
In Ubuntu 14.04, that’s it - there is no option to specify postmaster mail recipients. This must be set - or email clients like gmail will place sent emails in the recipient’s spam folder. Most tutorials refer to a final configuration window - but this will not appear on Ubuntu 14.04.
Specify Postmaster Address
Amend /etc/email-addresses
to include:
- Replace “username” with the system username that is running the mail process.
- Enter new username/email values on separate lines
Test email from Command Line:
Access Logs
The main log is held in: /var/log/exim4
.
This directory is owned by Debian-exim:adm
- and is hence inaccessible, unless you log in as root.
Add your user to the adm
group to access logs:
You can then access the main exim4 log at: /var/log/exim4/mainlog
Use eximstats
to see a text report:
Post Installation Configuration
The initial configuration settings are stored in the /etc/exim4/update-exim4.conf.conf
file.
To re-configure the program, either re-run the configuration wizard: sudo dpkg-reconfigure exim4-config
or manually edit this file:
After editing the settings, you need to generate the master configuration file:
Restart the exim4 service:
Set Up Reverse DNS
Reverse DNS maps an IP address to a domain name - and is crucial to avoid having outgoing mail labelled as spam.
The reverse DNS zone must be created on the “authoritative DNS nameserver for the main IP address of your server” - so to set reverse DNS, you need control over the nameserver for your main IP address.
For Linode VPS:
- Log in to Linode Manager
- Select the Linode
- Select “Remote Access”
- Enter the domain name in the hostname field and click “lookup”
- A message should appear stating that a match has been found between your domain and your IP address
- Select “yes” for the desired address (IPv4 & IPv6 will need to be selected separately)
That’s it!
SPF Records
Publishing a Sender Policy Framework (SPF) Record in your domain’s DNS specifies which server IP addresses are allowed to send emails from your domain.
Having a properly set up SPF record makes it less likely that outgoing mail will be tagged as spam.
Although it is best practice is to publish SPF records via DNS as both a SPF and TXT record, the DNS management utilities for many registrars (e.g. Heart Internet, Blacknight) only provide for the addition of txt records. For a good description of SPF as TXT records, see here.
The following SPF record, added as a TXT record is a reasonable sample:
Bizzarre Spam Issues
After following the above setup, I noticed the following weird behaviour with regard to gmail recipients.
- Send mail from WordPress to a gmail account (the
www-data user
, not aliased in/etc/email-addresses
): Success - Send mail from command line (
echo "This is a test." | mail -s Testing emailaddress68@gmail.com
) to same address: Designated as Spam - Send the same mail from command line to a different gmail account: Success
There were two SPF records on the DNS settings for the domain - which isn’t allowed. Deactivated the old one.
In addition, the header in gmail showed that gmail was looking for an IP address in the ipv6 format…so I added this to the SPF record.
To determine ipv6 for the server: ip -6 addr show
- the public IP is on the line labelled ‘scope global’.
You can only add a single SPF record - but ipv6 and ipv4 IP addresses can be included. Sample TXT record for SPF:
Send Email From Command Line
Resources
- Exim4 wiki
- Brad the Mad’s Exim Cheatsheet - switch
exim4
forexim
if necessary - Setup Reverse DNS
- Digital Ocean tutorial on SPF
- Unlock the Inbox: Info on email configuration
- SPF Wizard
- Unlock the Inbox Sender ID Wizard
- Unlock the Inbox SPF Wizard
MS SPF Wizard: Page removed, thanks to Henry for pointing this out- Exim4 setup & config
- Send email from Command Line
comments powered by Disqus