Configuring Exim and Adding Users
By: Charndeep Grewal (wokness)
Table of Contents:
1. First some prerequisites.
2. Introduction, and how we will set the mail server up.
3. Getting the software.
4. Time to install.
5. Configure the software.
6. Start 'er up.
7. Adding some users.
8. Eudora and Other e-mail software settings
9. Thanks.
10. Additional Help
11. Copyrights
1. First some prerequisites.
Who this is for: This document is written for people who are new to running a mail server but are not new to the UNIX environment. If you don't have or know these basic things, don't try to install.
This document assumes a few things about the user. I do not expect the people reading this to be seasoned system admins, but I do expect a basic knowledge of these things:
A working UNIX-like operating system (e.g. OpenBSD, Linux, Solaris).
Unix knowledge (how to add/remove users, cd around and stuff like that).
Basic programming (shell scripting).
Working compiler and knowledge on how to work it.
Internet access (broadband (cable/dsl/t1/oc-24, whatever :)) and a static IP address.
Working DNS and Nameservers (MX records have to be straight) SEE NOTE BELOW.
Free disk space, around 100 MB. The more the better.
You need to know how to use a text editor. Vi or Emacs, it doesn't matter.
NOTE: If anyone here is running a DNS server and wants to send me their config files so I can post them, it would be greatly appreciated, because I am not sure mine are correct and I do not want to give incorrect information. Proper credit will be given.
2. Introduction, and how we will set the mail server up.
What this document will do: It will set up Exim on a machine that is hooked up to the internet. Doing gateway stuff and port redirection is all your job. The setup I am explaining assumes you have set your network up properly. That means taking the appropriate security measures. Close down services you don't need. I recommend installing on an OpenBSD system; it is secure (secure by default), fully functional, and best of all free (but please, if you use it, donate money, it is the only way to keep the project going).
The setup is a single-user e-mail server. Because of some permissions problems I am having right now, I don't know how to set up multiple users. I will fix that soon, but for now this is only for a single-user mail server setup. The system requirements are not Sun E10k's. I have a mail server running on a Pentium 120 w/ 16MB RAM and a 1.6 GIG hard drive. The more users you add, the more it's going to stress your system. So if you are supporting a lot of users (like yahoo.com) it would be wise to run it on a Sun E10k, not a Pentium 120. :)
I will be compiling all the software. If you are not comfortable with this, you can get binaries, but I do not recommend it; just compile the software, and if you don't feel you can, don't run a mail server.
Exim will be used to send and receive mail; Qualcomm's Qpopper (POP3) will be used to retrieve mail.
NOTE: I am not responsible for anything that happens to your system. It is all your fault. I will not be held responsible if your system crashes or anything bad happens to it in any way.
3. Getting the software.
First off we have to get the software; as I said before, we will be using Exim. I would recommend you go to the Exim homepage and read around and get familiar with Exim, then download the software. You can get the latest version (as of 9/20/00) via http here and via ftp here; the file is about 1.1 MB, it is version 3.16.
Next is Qualcomm's Qpopper. You really don't need Qpopper, it is just so you can use something like Eudora to check your mail from a machine that is not the mail server. I mean, if you want you can ssh in and check your mail, but this is just nicer.
So anyway, where was I, oh yes, Qpopper. Go to www.qpopper.com, look around there and get to know the software a little before you download it. You can get it via ftp here. The file is about 1.7 MB and it is version 3.0.2.
Hopefully by now you have decided that you are going to use the source and compile it; if you have not, I recommend it. You can always get the binary, but don't come complaining to me when it does not work, 'cause I told ya so. :)
4. Installation time!
Now that you have downloaded Exim and Qpopper, you have to move them to a temporary working directory (like /home or /export/home) so you can untar and gunzip them and start compiling. I will use /home as an example. So once you've got exim-3.16.tar.gz in /home you have to untar and gunzip it; it can be done like so:
ironhide# tar -zxvf exim-3.16.tar.gz
This will untar and unzip it, it will scroll a bunch of stuff past your screen, that is just the files that are being decompressed.
Now that you've got the file untarred and unzipped, cd into the dir that Exim is in.
ironhide# cd exim-3.16
ironhide# ls
CHANGES   OS               README.Y2K          exim_monitor
LICENCE   README           build-OpenBSD-i386  scripts
Makefile  README.IPV6      build-openbsd       src
NOTICE    README.UPDATING  doc                 util
ironhide#
You should see something similar to that. If you don't, you're in trouble. You either downloaded it wrong, or did not uncompress it correctly. Make sure you have GZIP installed; if you don't, get it from www.GNU.org.
First off, open up README and read through it. It is important that you do; it has important info in it, and a lot of questions are answered in it. Especially OS-specific build options.
Once you have done that, open up Makefile like so:
ironhide# vi Makefile
You don't have to use vi to open the Makefile, I just use it. Once you have looked through the Makefile, modify it if you need to and then save it (in vi that is [ESC]:w, and then [SHIFT]+[Z]+[Z]).
Now cd into src and open EDITME and go through it and modify it as needed, like so:
ironhide# cd src
ironhide# vi EDITME
This should launch vi, and open EDITME, keep in mind you don't have to use vi, you can use any text editor you like.
Now you have to modify the EDITME file; here is mine. I put it on a different page because it is a long file and it would just be stupid to put it here. Now, you don't really have to modify it, but I strongly recommend going through it and uncommenting and putting in the settings you need. If something does not work, it is probably because you did not set something or set something wrong in the Makefile. This is what I mean by basic programming skills. If you don't know how to modify a Makefile, you really should not be running a mail server. You can use mine, but it is best that you do your own and learn, because you will not be reliant on anyone that way.
Now that you have edited EDITME, you have to rename it to Makefile, then move it to /home/exim-3.16/Local, it can be done as so:
ironhide# mkdir /home/exim-3.16/Local/
ironhide# mv EDITME /home/exim-3.16/Local
ironhide# cd /home/exim-3.16/Local
ironhide# mv EDITME Makefile
Once you've got that done, if you commented out eximon you have to set up its file. I didn't put that in there because it's optional; basically, if you want it, look at the README, modify the file it tells you to, and put it in /home/exim-3.16/Local.
Now that we've got all the configuring at this point done, you can install Exim. It can be done like so:
ironhide# cd /home/exim-3.16/
ironhide# make
[you will see it building exim, a bunch of text will scroll by]
[once it's done]
ironhide# make install
That was all. If your compiling went without a hitch (and it should have; if it didn't, read the README, it explains any problems you might have and how to fix them!), painless, right? It should have placed all your binaries and config files in /usr/exim/
--
Now that we've got our mail server installed, we had better install our mail retriever. We will be using Qpopper; it's a POP3 mail retriever.
Just like before, untar and unzip it and cd into the dir that it untared to like this:
ironhide# cd /home
ironhide# tar -zxvf qpopper3.0.2.tar.gz
[it will show all the files being uncompressed]
ironhide# cd qpopper3.0.2
ironhide# ls
INSTALL      README        config.h       configure     misc.h
License.txt  common        config.h.in    configure.in  mmangle
Makefile     conf.h        config.log     doc           popper
Makefile.in  config.cache  config.status  man           test
ironhide#
Your output should be similar. Now, like before, read the README and INSTALL files! It is important that you do; they contain very important information.
Once you have, you can start installing, it will go something like this:
ironhide# ./configure
[bunch of text checking if you have all the necessary stuff to install]
ironhide# make
[the code being compiled]
ironhide# make install
[the binaries being made]
ironhide#
Once you have that done, and it should have compiled without a problem (if you had a problem, refer to the README and INSTALL files), you can move popper to /usr/local/lib like so:
ironhide# cd /home/qpopper3.0.2/popper/
ironhide# cp popper /usr/local/lib
ironhide#
Everything should be installed now. Not configured but installed. Next we go on to configuring it all!
5. Configure the software.
First off let's get Exim working; once we get that up, we will then get Qpopper.
OK, let's cd into /usr/exim/ like this:
ironhide# cd /usr/exim
Once you are in /usr/exim, open the configure file with vi or emacs, whatever, it doesn't matter. It can be done like so:
ironhide# cd /usr/exim
ironhide# vi configure
Even though the file that the Exim people send is very heavily commented and everything (and a great job done of it!), I added a few more things to help out. Here it is:
######################################################################
#                  Runtime configuration file for Exim               #
######################################################################

# This is a default configuration file which will operate correctly in
# uncomplicated installations. Please see the manual for a complete list
# of all the runtime configuration options that can be included in a
# configuration file. There are many more than are mentioned here. The
# manual is in the file doc/spec.txt in the Exim distribution as a plain
# ASCII file. Other formats (PostScript, Texinfo, HTML, PDF) are available
# from the Exim ftp sites. The manual is also online via the Exim web sites.

# This file is divided into several parts, all but the last of which are
# terminated by a line containing the word "end". The parts must appear
# in the correct order, and all must be present (even if some of them are
# in fact empty). Blank lines, and lines starting with # are ignored.

######################################################################
#                    MAIN CONFIGURATION SETTINGS                     #
######################################################################

# Specify your host's canonical name here. This should normally be the fully
# qualified "official" name of your host. If this option is not set, the
# uname() function is called to obtain the name.

primary_hostname = goku.dragonballz.com

# <-- MY COMMENTS -->
# OK, above, is basically the hostname of your machine followed by
# your domain. So it is machines_host_name.domain.com. So if you had
# a machine whose hostname was goku and the domain was dragonballz.com,
# it would be goku.dragonballz.com
# <-- MY COMMENTS -->

# Specify the domain you want to be added to all unqualified addresses
# here. An unqualified address is one that does not contain an "@" character
# followed by a domain. For example, "caesar@rome.ex" is a fully qualified
# address, but the string "caesar" (i.e. just a login name) is an unqualified
# email address. Unqualified addresses are accepted only from local callers by
# default. See the receiver_unqualified_{hosts,nets} options if you want
# to permit unqualified addresses from remote sources. If this option is
# not set, the primary_hostname value is used for qualification.

qualify_domain = dragonballz.com

# <-- MY COMMENTS -->
# qualify_domain is just the domain you want the messages to be from. So
# if you set your qualify_domain to dragonballz.com, and you created a
# user goku, your e-mails would read goku@dragonballz.com
# <-- MY COMMENTS -->

# If you want unqualified recipient addresses to be qualified with a different
# domain to unqualified sender addresses, specify the recipient domain here.
# If this option is not set, the qualify_domain value is used.

# qualify_recipient =

# Specify your local domains as a colon-separated list here. If this option
# is not set (i.e. not mentioned in the configuration file), the
# qualify_recipient value is used as the only local domain. If you do not want
# to do any local deliveries, uncomment the following line, but do not supply
# any data for it. This sets local_domains to an empty string, which is not
# the same as not mentioning it at all. An empty string specifies that there
# are no local domains; not setting it at all causes the default value (the
# setting of qualify_recipient) to be used.

local_domains = wokness.com

# <-- MY COMMENTS -->
# Read the above comments, it's similar to qualify_recipient
# <-- MY COMMENTS -->

# If you want to accept mail addressed to your host's literal IP address, for
# example, mail addressed to "user@[111.111.111.111]", then uncomment the
# following line, or supply the literal domain(s) as part of "local_domains"
# above. You also need to comment "forbid_domain_literals" below. This is not
# recommended for today's Internet.

# local_domains_include_host_literals

# The following line prevents Exim from recognizing addresses of the form
# "user@[111.111.111.111]" that is, with a "domain literal" (an IP address)
# instead of a named domain. The RFCs still require this form, but it makes
# little sense to permit mail to be sent to specific hosts by their IP address
# in the modern Internet, and this ancient format has been used by those
# seeking to abuse hosts by using them for unwanted relaying. If you really
# do want to support domain literals, remove the following line, and see
# also the "domain_literal" router below.

forbid_domain_literals

# No local deliveries will ever be run under the uids of these users (a colon-
# separated list). An attempt to do so gets changed so that it runs under the
# uid of "nobody" instead. This is a paranoic safety catch. Note the default
# setting means you cannot deliver mail addressed to root as if it were a
# normal user. This isn't usually a problem, as most sites have an alias for
# root that redirects such mail to a human administrator.

never_users = root

# The use of your host as a mail relay by any host, including the local host
# calling its own SMTP port, is locked out by default. If you want to permit
# relaying from the local host, you should set
#
# host_accept_relay = localhost
#
# If you want to permit relaying through your host from certain hosts or IP
# networks, you need to set the option appropriately, for example
#
host_accept_relay = trunks.dragonballz.com : 192.168.1.5
# <-- MY COMMENTS -->
# OK, here is one of the places I had a problem. You have to set the
# machine that you will be logging in via to check your mail. So say you
# had a machine on your network with an IP address of 192.168.1.5, and
# its name was trunks, again on the domain dragonballz.com, you would
# set it like this:
# host_accept_relay = trunks.dragonballz.com : 192.168.1.5
# <-- MY COMMENTS -->
#
# If you are an MX backup or gateway of some kind for some domains, you must
# set relay_domains to match those domains. This will allow any host to
# relay through your host to those domains.
#
# See the section of the manual entitled "Control of relaying" for more
# information.

# The setting below causes Exim to do a reverse DNS lookup on all incoming
# IP calls, in order to get the true host name. If you feel this is too
# expensive, you can specify the networks for which a lookup is done, or
# remove the setting entirely.

host_lookup = 0.0.0.0/0

# By default, Exim expects all envelope addresses to be fully qualified, that
# is, they must contain both a local part and a domain. If you want to accept
# unqualified addresses (just a local part) from certain hosts, you can specify
# these hosts by setting one or both of
#
# receiver_unqualified_hosts =
# sender_unqualified_hosts =
#
# to control sender and receiver addresses, respectively. When this is done,
# unqualified addresses are qualified using the settings of qualify_domain
# and/or qualify_recipient (see above).

# By default, Exim does not make any checks, other than syntactic ones, on
# incoming addresses during the SMTP dialogue. This reduces delays in SMTP
# transactions, but it does mean that you might accept messages with unknown
# recipients, and/or bad senders.

# Uncomment this line if you want incoming recipient addresses to be verified
# during the SMTP dialogue. Unknown recipients are then rejected at this stage,
# and the generation of a failure message is the job of the sending host.

# receiver_verify

# Uncomment this line if you want incoming sender addresses (return-paths) to
# be verified during the SMTP dialogue. Verification can normally only check
# that the domain exists.

# sender_verify

# Exim contains support for the Realtime Blocking List (RBL) that is being
# maintained as part of the DNS. See http://maps.vix.com/rbl/ for background.
# Uncommenting the first line below will make Exim reject mail from any
# host whose IP address is blacklisted in the RBL at maps.vix.com. Some
# others have followed the RBL lead and have produced other lists: DUL is
# a list of dial-up addresses, and ORBS is a list of open relay systems. The
# second line below checks all three lists.

# rbl_domains = rbl.maps.vix.com
# rbl_domains = rbl.maps.vix.com:dul.maps.vix.com:relays.orbs.org

# If you want Exim to support the "percent hack" for all your local domains,
# uncomment the following line. This is the feature by which mail addressed
# to x%y@z (where z is one of your local domains) is locally rerouted to
# x@y and sent on. Otherwise x%y is treated as an ordinary local part.

# percent_hack_domains = *

end

######################################################################
#                      TRANSPORTS CONFIGURATION                      #
######################################################################
#                       ORDER DOES NOT MATTER                        #
#     Only one appropriate transport is called for each delivery.    #
######################################################################

# A transport is used only when referenced from a director or a router that
# successfully handles an address.

# This transport is used for delivering messages over SMTP connections.

remote_smtp:
  driver = smtp

# This transport is used for local delivery to user mailboxes in traditional
# BSD mailbox format. By default it will be run under the uid and gid of the
# local user, and requires the sticky bit to be set on the /var/mail directory.
# Some systems use the alternative approach of running mail deliveries under a
# particular group instead of using the sticky bit. The commented options below
# show how this can be done.

local_delivery:
  driver = appendfile
  file = /var/mail/${local_part}
  delivery_date_add
  envelope_to_add
  return_path_add
#group = wokness
#mode = 0660

# This transport is used for handling pipe deliveries generated by alias
# or .forward files. If the pipe generates any standard output, it is returned
# to the sender of the message as a delivery error. Set return_fail_output
# instead of return_output if you want this to happen only when the pipe fails
# to complete normally. You can set different transports for aliases and
# forwards if you want to - see the references to address_pipe in the directors
# section below.

address_pipe:
  driver = pipe
  return_output

# This transport is used for handling deliveries directly to files that are
# generated by aliassing or forwarding.

address_file:
  driver = appendfile
  delivery_date_add
  envelope_to_add
  return_path_add

# This transport is used for handling autoreplies generated by the filtering
# option of the forwardfile director.

address_reply:
  driver = autoreply

end

######################################################################
#                      DIRECTORS CONFIGURATION                       #
#             Specifies how local addresses are handled              #
######################################################################
#                         ORDER DOES MATTER                          #
#  A local address is passed to each in turn until it is accepted.   #
######################################################################

# Local addresses are those with a domain that matches some item in the
# "local_domains" setting above, or those which are passed back from the
# routers because of a "self=local" setting (not used in this configuration).

# This director handles aliasing using a traditional /etc/aliases file.
# If any of your aliases expand to pipes or files, you will need to set
# up a user and a group for these deliveries to run under. You can do
# this by uncommenting the "user" option below (changing the user name
# as appropriate) and adding a "group" option if necessary. Alternatively, you
# can specify "user" on the transports that are used. Note that those
# listed below are the same as are used for .forward files; you might want
# to set up different ones for pipe and file deliveries from aliases.

system_aliases:
  driver = aliasfile
  file = /etc/aliases
  search_type = lsearch
# user = exim
  file_transport = address_file
  pipe_transport = address_pipe

# This director handles forwarding using traditional .forward files.
# If you want it also to allow mail filtering when a forward file
# starts with the string "# Exim filter", uncomment the "filter" option.
# The no_verify setting means that this director will be skipped when
# verifying addresses if sender_verify or receiver_verify is set (though
# they are not set by default). Similarly, no_expn means that this director
# will be skipped if smtp_expn_hosts is set to allow any hosts to use the
# EXPN command.

# The check_ancestor option means that if the forward file generates an
# address that is an ancestor of the current one, the current one gets
# passed on instead. This covers the case where A is aliased to B and B
# has a .forward file pointing to A.

# The three transports specified at the end are those that are used when
# forwarding generates a direct delivery to a file, or to a pipe, or sets
# up an auto-reply, respectively.

userforward:
  driver = forwardfile
  file = .forward
  no_verify
  no_expn
  check_ancestor
# filter
  file_transport = address_file
  pipe_transport = address_pipe
  reply_transport = address_reply

# This director matches local user mailboxes.

localuser:
  driver = localuser
  transport = local_delivery

end

######################################################################
#                       ROUTERS CONFIGURATION                        #
#             Specifies how remote addresses are handled             #
######################################################################
#                         ORDER DOES MATTER                          #
#  A remote address is passed to each in turn until it is accepted.  #
######################################################################

# Remote addresses are those with a domain that does not match any item
# in the "local_domains" setting above.

# This router routes to remote hosts over SMTP using a DNS lookup with
# default options.

lookuphost:
  driver = lookuphost
  transport = remote_smtp

# This router routes to remote hosts over SMTP by explicit IP address,
# when an email address is given in "domain literal" form, for example,
#. The RFCs require this facility. However, it is
# little-known these days, and has been exploited by evil people seeking
# to abuse SMTP relays. Consequently it is commented out in the default
# configuration. If you uncomment this router, you also need to comment out
# "forbid_domain_literals" above, so that Exim can recognize the syntax of
# domain literal addresses.

# domain_literal:
#   driver = ipliteral
#   transport = remote_smtp

end

######################################################################
#                        RETRY CONFIGURATION                         #
######################################################################

# This single retry rule applies to all domains and all errors. It specifies
# retries every 15 minutes for 2 hours, then increasing retry intervals,
# starting at 1 hour and increasing each time by a factor of 1.5, up to 16
# hours, then retries every 8 hours until 4 days have passed since the first
# failed delivery.

# Domain               Error       Retries
# ------               -----       -------

*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,8h

end

######################################################################
#                       REWRITE CONFIGURATION                        #
######################################################################

# There are no rewriting specifications in this default configuration file.

end

######################################################################
#                    AUTHENTICATION CONFIGURATION                    #
######################################################################

# There are no authenticator specifications in this default configuration file.

# End of Exim configuration file
That is all I edited of the configure file; if you need to edit it more, do so. But this is all that is needed to set up a simple one-person mail server.
Now that Exim is set up, we go on to Qpopper. You should have copied it to /usr/local/lib, so now what you have to do is add it to /etc/inetd.conf, that is if you are using inetd.conf. If you are not, see doc/spec.txt for more info. If you don't know, again you should not be installing a mail server. Now all you have to do is add this line to /etc/inetd.conf to enable Qpopper.
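The relay-related settings in the configure file above can be checked mechanically. The script below is an added example, not part of the original document or of Exim: it reads the main section (everything before the first "end") and reports on host_accept_relay, relay_domains, forbid_domain_literals, never_users and percent_hack_domains. The function names and both sample files are constructed for illustration, and treating "*" and "0.0.0.0/0" as match-everything list items is an assumption of the script.

```shell
#!/bin/sh
# Added example: audit the main section of an Exim 3 configure file.
# Assumption: "*" and "0.0.0.0/0" are treated as match-everything list items.

# audit_exim_main FILE: print one "LEVEL option: message" line per finding.
audit_exim_main() {
    awk '
    # has(list, want): true if the colon-separated list contains the item want
    function has(list, want,    n, i, item, h) {
        n = split(list, item, ":")
        for (i = 1; i <= n; i++) {
            h = item[i]; gsub(/[ \t]/, "", h)
            if (h == want) return 1
        }
        return 0
    }
    function wide(list) { return has(list, "*") || has(list, "0.0.0.0/0") }

    /^[ \t]*#/ || /^[ \t]*$/ { next }   # comments and blank lines are ignored
    /^[ \t]*end[ \t]*$/      { exit }   # main section stops at the first "end"
    {
        line = $0
        sub(/^[ \t]+/, "", line); sub(/[ \t]+$/, "", line)
        name = line; value = ""
        eq = index(line, "=")
        if (eq > 0) {                   # "name = value"; otherwise a bare flag
            name  = substr(line, 1, eq - 1)
            value = substr(line, eq + 1)
            sub(/[ \t]+$/, "", name); sub(/^[ \t]+/, "", value)
        }
        seen[name] = 1; val[name] = value
    }
    END {
        if (!("host_accept_relay" in seen))
            print "OK host_accept_relay: not set, relaying is locked out"
        else if (wide(val["host_accept_relay"]))
            print "FAIL host_accept_relay: matches every host (open relay)"
        else
            print "INFO host_accept_relay: relaying allowed from " val["host_accept_relay"]
        if (("relay_domains" in seen) && wide(val["relay_domains"]))
            print "FAIL relay_domains: any host may relay to any domain"
        if (!("forbid_domain_literals" in seen))
            print "WARN forbid_domain_literals: not set, user@[ip] is accepted"
        if (!has(val["never_users"], "root"))
            print "WARN never_users: root is not listed"
        if ("percent_hack_domains" in seen)
            print "WARN percent_hack_domains: x%y@local is rerouted to x@y"
    }' "$1"
}

# Constructed sample: the active main-section lines of the file shown above.
sample_page_config() {
    cat <<'EOF'
qualify_domain = dragonballz.com
local_domains = wokness.com
forbid_domain_literals
never_users = root
host_accept_relay = trunks.dragonballz.com : 192.168.1.5
host_lookup = 0.0.0.0/0
end
remote_smtp:
  driver = smtp
end
EOF
}

# Constructed sample: a main section after careless edits.
sample_open_config() {
    cat <<'EOF'
# relay opened to everyone
host_accept_relay = 0.0.0.0/0
never_users = exim
percent_hack_domains = *
end
EOF
}

# audit_sample NAME: run the audit on one of the constructed samples.
audit_sample() {
    tmp=$(mktemp) || return 1
    "sample_${1}_config" > "$tmp"
    audit_exim_main "$tmp"
    rm -f "$tmp"
}

audit_sample page
audit_sample open
```

To check a real installation, call audit_exim_main with the path of the configure file, here /usr/exim/configure.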
pop3 stream tcp nowait root /usr/local/lib/popper qpopper -s
Now restart inetd or better yet, just restart your machine.
Now that you have restarted your machine and got Exim and Qpopper configured properly, you can start them up.
6. Start 'er up.
Time to start Exim and see if you can send messages and everything. So do this:
ironhide# cd /usr/exim/bin/
ironhide# ./exim -d9 someone@hotmail.com
[you will see a bunch of exim's stuff]
test
.
[you will see a bunch of exim's stuff]
[hit return]
ironhide#
Now go check the account that you sent that e-mail to and see if it arrived safe and sound. If it did, jump up and down, because you just sent your first e-mail from Exim!
Now that we know Exim sends mail, just start it as a daemon. You might also want to make it always start at startup by editing your startup file. It varies from OS to OS so I won't go into that. Just remember, it needs to be started to receive mail, so if you reboot and don't have it added to your startup, just start it like below:
ironhide# /usr/exim/bin/exim -bd
ironhide#
Exim is now started and running as a daemon. Now it's time to add users so you can start sending e-mail from your real account.
7. Adding some users.
Basically, adding users is dependent on your OS. OpenBSD has a command adduser that I will be using; I know you can add users in Linux with linuxconf, and I know in Solaris you can use useradd or admintool. However you do it, just add a user. I will give an example of OpenBSD's adduser; if you've got an example from another OS, send it over and I will add it and give proper credit.
ironhide# adduser
Use option ``-silent'' if you don't want to see all warnings and questions.
Reading /etc/shells
Check /etc/master.passwd
Check /etc/group
Ok, let's go.
Don't worry about mistakes. I will give you the chance later to correct any input.
Enter username [a-z0-9_]: goku
Enter full name []: Son Goku
Enter shell csh ksh nologin sh [sh]: sh
Uid [1001]: 1001
Login group goku [goku]: goku
Login group is ``goku''. Invite goku into other groups: guest no
[no]: no
Enter password []: goku [YOU WILL NOT SEE THE PASSWORD BEING TYPED]
Enter password again []: goku [YOU WILL NOT SEE THE PASSWORD BEING TYPED]
Name: goku
Password: ****
Fullname: Son Goku
Uid: 1001
Gid: 1001 (goku)
Groups: goku
HOME: /home/goku
Shell: /bin/sh
OK? (y/n) [y]: y
Added user ``goku''
Copy files from /etc/skel to /home/goku
Add another user? (y/n) [y]: n
Goodbye!
ironhide#
Keep in mind that this is OpenBSD; your way of adding a user may be different. But the end result should be the same: you have a user with the username that you want as your [name]@domain.com.
Now you need to change ownership of /var/mail so that the user, in this case goku, can access it. I don't know how to do this perfectly, so I will use this method that will work if there is only one person on the system. For multiple users, someone please e-mail a solution.
ironhide# chown goku /var/mail/
Now the user goku should be able to read and write to /var/mail (where your mail is stored).
That's all, goku should now be able to read and send mail from goku@dragonballz.com. Of course, why would a Super Sayan need to send e-mail? I don't know. :)
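The comment on local_delivery in the configure file names two multi-user arrangements for /var/mail: the sticky bit on the directory, or deliveries under a dedicated group with mode 0660. The script below is an added example, not part of the original document: it classifies a spool directory by its mode string and lists mailboxes that users outside the owner and group can access. The function names are made up for illustration, and the spool it inspects is constructed in a temporary directory rather than /var/mail.

```shell
#!/bin/sh
# Added example: classify how a mail spool directory is protected.
# All paths are constructed under a temporary directory, not /var/mail.

# perm_string PATH: the 10-character mode string from ls, e.g. drwxrwxrwt
perm_string() {
    ls -ld "$1" | cut -c1-10
}

# spool_scheme DIR: prints sticky, unsafe, group or owner-only
spool_scheme() {
    case $(perm_string "$1") in
        d???????w[tT]) echo sticky ;;      # anyone creates, only owners delete
        d???????w?)    echo unsafe ;;      # anyone can delete or replace mailboxes
        d????w????)    echo group ;;       # deliveries run under a mail group
        *)             echo owner-only ;;  # one account only (the chown above)
    esac
}

# loose_mailboxes DIR: list mailbox files that have any permission for "other"
loose_mailboxes() {
    for box in "$1"/*; do
        [ -f "$box" ] || continue
        perms=$(perm_string "$box")
        case $perms in
            -??????---) ;;                       # private to owner and group
            *) echo "${box##*/} $perms" ;;
        esac
    done
}

# make_demo_spool: build a constructed spool with two mailboxes, print its path
make_demo_spool() {
    base=$(mktemp -d) || return 1
    mkdir "$base/mail"
    chmod 1777 "$base/mail"                  # world-writable with sticky bit
    ( umask 077; : > "$base/mail/goku" )     # created 0600, private mailbox
    : > "$base/mail/trunks"
    chmod 644 "$base/mail/trunks"            # readable by everyone
    echo "$base/mail"
}

spool=$(make_demo_spool)
echo "scheme: $(spool_scheme "$spool")"
loose_mailboxes "$spool"
rm -rf "${spool%/mail}"
```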
8. Eudora and Other e-mail software settings.
These are the settings you want for Eudora or any other mail program:
SMTP: dragonballz.com [your domain]
POP ACCOUNT: goku@dragonballz.com [the_user_you_added@domain.com]
Those are really all the settings you need. But if you want, you can set the return address and your real name; it's all up to you.
Everything should be done; fire up Eudora or any other mail client and e-mail away.
9. Thanks.
Thanks first off to god for me being alive and able to write this. Thanks to all the people that helped me set my mail server up so I could write this document, thanks to Martin Hepworth, Wes Peters, Jeffrey Goldberg, Philip Hazel, George Schlossnagle, everyone on the exim-users and misc openbsd list. Without the entire exim/openbsd community's help I could have never done any of this.
10. Additional Help.
You can get additional help from the Exim mailing list if it is an Exim-related question. Info on the list is available at www.exim.org
If you took my advice and installed OpenBSD and have an OpenBSD-related question, look into one of the OpenBSD lists (prob. misc) at www.openbsd.org
And of course Usenet is a great resource.
11. Copyrights.
Copyrights are whoever owns them. This document, take it, modify it, whatever, I don't care, just leave my name as the original author. If you modify it, feel free to put your name down as author. Exim and Qpopper are owned by their respective owners.