Exim compilation with TLS

Discussion in 'Installation/Configuration' started by parth_monga, Mar 29, 2011.

  1. parth_monga

    parth_monga New Member

    Hi friends,

    Can anyone help me with the configuration of TLS with exim?
    I want to run my SMTP on a secure port (465).

    It would be great if any member can help with some configuration steps.

    Awaiting a prompt reply.

    Thanks & Regards
    Parth Monga
     
  2. topdog

    topdog Active Member

    You need to set the following in your exim config:

    Code:
    tls_advertise_hosts = *
    tls_certificate = /path_to_certificate
    tls_privatekey = /path_to_private_key
    tls_on_connect_ports = 465
     
  3. parth_monga

    parth_monga New Member

    Hi Dog

    I made those changes in the makefile of exim,

    and when I run "make" to recompile exim
    I got the following error:

    gcc local_scan.c
    In file included from ../src/exim.h:438,
    from ../src/local_scan.c:10:
    ../src/dbstuff.h:27:17: error: tdb.h: No such file or directory
    In file included from ../src/exim.h:438,
    from ../src/local_scan.c:10:
    ../src/dbstuff.h:541: error: expected specifier-qualifier-list before ‘TDB_CONTEXT’
    In file included from ../src/exim.h:442,
    from ../src/local_scan.c:10:
    ../src/dbfunctions.h:17: error: expected declaration specifiers or ‘...’ before ‘TDB_DATA’
    In file included from ../src/exim.h:446,
    from ../src/local_scan.c:10:
    ../src/bmi_spam.h:13:21: error: bmi_api.h: No such file or directory
    In file included from ../src/exim.h:452,
    from ../src/local_scan.c:10:
    ../src/srs.h:18:21: error: srs_alt.h: No such file or directory
    In file included from ../src/exim.h:452,
    from ../src/local_scan.c:10:
    ../src/srs.h:26: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘eximsrs_db_insert’
    ../src/srs.h:27: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘eximsrs_db_lookup’
    make[1]: *** [local_scan.o] Error 1
    make[1]: Leaving directory `/usr/local/src/exim-4.72/build-Linux-x86_64'
    make: *** [all] Error 2
    [root@mail exim-4.72]# gcc local_scan.c
    gcc: local_scan.c: No such file or directory
    gcc: no input files


    Thanks & Regards
    Parth Monga
     
  4. parth_monga

    parth_monga New Member

    Hi topdog,
    My makefile for exim looks like this.
    I have chopped the unnecessary options other than TLS.


    # $Cambridge: exim/exim-src/src/EDITME,v 1.23 2009/11/20 12:18:19 nm4 Exp $

    ##################################################
    # The Exim mail transport agent #
    ##################################################

    # This is the template for Exim's main build-time configuration file. It
    # contains settings that are independent of any operating system. These are
    # things that are mostly sysadmin choices. The items below are divided into
    # those you must specify, those you probably want to specify, those you might
    # often want to specify, and those that you almost never need to mention.

    # Edit this file and save the result to a file called Local/Makefile within the
    # Exim distribution directory before running the "make" command.

    # Things that depend on the operating system have default settings in
    # OS/Makefile-Default, but these are overridden for some OS by files called
    # called OS/Makefile-<osname>. You can further override these by creating files
    # called Local/Makefile-<osname>, where "<osname>" stands for the name of your
    # operating system - look at the names in the OS directory to see which names
    # are recognized.

    # However, if you are building Exim for a single OS only, you don't need to
    # worry about setting up Local/Makefile-<osname>. Any build-time configuration
    # settings you require can in fact be placed in the one file called
    # Local/Makefile. It is only if you are building for several OS from the same
    # source files that you need to worry about splitting off your own OS-dependent
    # settings into separate files. (There's more explanation about how this all
    # works in the toplevel README file, under "Modifying the building process", as
    # well as in the Exim specification.)

    # One OS-specific thing that may need to be changed is the command for running
    # the C compiler; the overall default is gcc, but some OS Makefiles specify cc.
    # You can override anything that is set by putting CC=whatever in your
    # Local/Makefile.

    # NOTE: You should never need to edit any of the distributed Makefiles; all
    # overriding can be done in your Local/Makefile(s). This will make it easier
    # for you when the next release comes along.

    # The location of the X11 libraries is something else that is quite variable

    ###############################################################################
    # THESE ARE THINGS YOU MUST SPECIFY #
    ###############################################################################

    # Exim will not build unless you specify BIN_DIRECTORY, CONFIGURE_FILE, and
    # EXIM_USER. You also need EXIM_GROUP if EXIM_USER specifies a uid by number.

    # If you don't specify SPOOL_DIRECTORY, Exim won't fail to build. However, it
    # really is a very good idea to specify it here rather than at run time. This
    # is particularly true if you let the logs go to their default location in the
    # spool directory, because it means that the location of the logs is known
    # before Exim has read the run time configuration file.

    #------------------------------------------------------------------------------
    # BIN_DIRECTORY defines where the exim binary will be installed by "make
    # install". The path is also used internally by Exim when it needs to re-invoke
    # itself, either to send an error message, or to recover root privilege. Exim's
    # utility binaries and scripts are also installed in this directory. There is
    # no "standard" place for the binary directory. Some people like to keep all
    # the Exim files under one directory such as /usr/exim; others just let the
    # Exim binaries go into an existing directory such as /usr/sbin or
    # /usr/local/sbin. The installation script will try to create this directory,
    # and any superior directories, if they do not exist.

    BIN_DIRECTORY=/usr/exim/bin


    #------------------------------------------------------------------------------
    # CONFIGURE_FILE defines where Exim's run time configuration file is to be
    # found. It is the complete pathname for the file, not just a directory. The
    # location of all other run time files and directories can be changed in the
    # run time configuration file. There is a lot of variety in the choice of
    # location in different OS, and in the preferences of different sysadmins. Some
    # common locations are in /etc or /etc/mail or /usr/local/etc or
    # /usr/local/etc/mail. Another possibility is to keep all the Exim files under
    # a single directory such as /usr/exim. Whatever you choose, the installation
    # script will try to make the directory and any superior directories if they
    # don't exist. It will also install a default runtime configuration if this
    # file does not exist.

    CONFIGURE_FILE=/usr/exim/configure

    # It is possible to specify a colon-separated list of files for CONFIGURE_FILE.
    # In this case, Exim will use the first of them that exists when it is run.
    # However, if a list is specified, the installation script no longer tries to
    # make superior directories or to install a default runtime configuration.


    #------------------------------------------------------------------------------
    # The Exim binary must normally be setuid root, so that it starts executing as
    # root, but (depending on the options with which it is called) it does not
    # always need to retain the root privilege. These settings define the user and
    # group that is used for Exim processes when they no longer need to be root. In
    # particular, this applies when receiving messages and when doing remote
    # deliveries. (Local deliveries run as various non-root users, typically as the
    # owner of a local mailbox.) Specifying these values as root is very strongly
    # discouraged.

    EXIM_USER=exim

    # If you specify EXIM_USER as a name, this is looked up at build time, and the
    # uid number is built into the binary. However, you can specify that this
    # lookup is deferred until runtime. In this case, it is the name that is built
    # into the binary. You can do this by a setting of the form:

    # EXIM_USER=ref:exim

    # In other words, put "ref:" in front of the user name. If you set EXIM_USER
    # like this, any value specified for EXIM_GROUP is also passed "by reference".
    # Although this costs a bit of resource at runtime, it is convenient to use
    # this feature when building binaries that are to be run on multiple systems
    # where the name may refer to different uids. It also allows you to build Exim
    # on a system where there is no Exim user defined.

    # If the setting of EXIM_USER is numeric (e.g. EXIM_USER=42), there must
    # also be a setting of EXIM_GROUP. If, on the other hand, you use a name
    # for EXIM_USER (e.g. EXIM_USER=exim), you don't need to set EXIM_GROUP unless
    # you want to use a group other than the default group for the given user.

    EXIM_GROUP=exim

    # Many sites define a user called "exim", with an appropriate default group,
    # and use
    #
    # EXIM_USER=exim
    #
    # while leaving EXIM_GROUP unspecified (commented out).


    #------------------------------------------------------------------------------
    # SPOOL_DIRECTORY defines the directory where all the data for messages in
    # transit is kept. It is strongly recommended that you define it here, though
    # it is possible to leave this till the run time configuration.

    # Exim creates the spool directory if it does not exist. The owner and group
    # will be those defined by EXIM_USER and EXIM_GROUP, and this also applies to
    # all the files and directories that are created in the spool directory.

    # Almost all installations choose this:

    SPOOL_DIRECTORY=/var/spool/exim



    ###############################################################################
    # THESE ARE THINGS YOU PROBABLY WANT TO SPECIFY #
    ###############################################################################

    # If you need extra header file search paths on all compiles, put the -I
    # options in INCLUDE. If you want the extra searches only for certain
    # parts of the build, see more specific xxx_INCLUDE variables below.

    # INCLUDE=-I/example/include

    # You need to specify some routers and transports if you want the Exim that you
    # are building to be capable of delivering mail. You almost certainly need at
    # least one type of lookup. You should consider whether you want to build
    # the Exim monitor or not.


    #------------------------------------------------------------------------------
    # These settings determine which individual router drivers are included in the
    # Exim binary. There are no defaults in the code; those routers that are wanted
    # must be defined here by setting the appropriate variables to the value "yes".
    # Including a router in the binary does not cause it to be used automatically.
    # It has also to be configured in the run time configuration file. By
    # commenting out those you know you don't want to use, you can make the binary
    # a bit smaller. If you are unsure, leave all of these included for now.

    ROUTER_ACCEPT=yes
    ROUTER_DNSLOOKUP=yes
    ROUTER_IPLITERAL=yes
    ROUTER_MANUALROUTE=yes
    ROUTER_QUERYPROGRAM=yes
    ROUTER_REDIRECT=yes

    # This one is very special-purpose, so is not included by default.

    # ROUTER_IPLOOKUP=yes


    #------------------------------------------------------------------------------
    # These settings determine which individual transport drivers are included in
    # the Exim binary. There are no defaults; those transports that are wanted must
    # be defined here by setting the appropriate variables to the value "yes".
    # Including a transport in the binary does not cause it to be used
    # automatically. It has also to be configured in the run time configuration
    # file. By commenting out those you know you don't want to use, you can make
    # the binary a bit smaller. If you are unsure, leave all of these included for
    # now.

    TRANSPORT_APPENDFILE=yes
    TRANSPORT_AUTOREPLY=yes
    TRANSPORT_PIPE=yes
    TRANSPORT_SMTP=yes

    # This one is special-purpose, and commonly not required, so it is not
    # included by default.

    # TRANSPORT_LMTP=yes



    #------------------------------------------------------------------------------
    # The appendfile transport can write messages to local mailboxes in a number
    # of formats. The code for three specialist formats, maildir, mailstore, and
    # MBX, is included only when requested. If you do not know what this is about,
    # leave these settings commented out.

    SUPPORT_MAILDIR=yes
    # SUPPORT_MAILSTORE=yes
    SUPPORT_MBX=yes


    #------------------------------------------------------------------------------
    # These settings determine which file and database lookup methods are included
    # in the binary. See the manual chapter entitled "File and database lookups"
    # for discussion. DBM and lsearch (linear search) are included by default. If
    # you are unsure about the others, leave them commented out for now.
    # LOOKUP_DNSDB does *not* refer to general mail routing using the DNS. It is
    # for the specialist case of using the DNS as a general database facility (not
    # common).

    LOOKUP_DBM=yes
    LOOKUP_LSEARCH=yes
    #LOOKUP_DNSDB=yes

    # LOOKUP_CDB=yes
    # LOOKUP_DSEARCH=yes
    # LOOKUP_IBASE=yes
    # LOOKUP_LDAP=yes
    LOOKUP_MYSQL=yes
    # LOOKUP_NIS=yes
    # LOOKUP_NISPLUS=yes
    # LOOKUP_ORACLE=yes
    # LOOKUP_PASSWD=yes
    # LOOKUP_PGSQL=yes
    # LOOKUP_SQLITE=yes
    # LOOKUP_WHOSON=yes

    # These two settings are obsolete; all three lookups are compiled when
    # LOOKUP_LSEARCH is enabled. However, we retain these for backward
    # compatibility. Setting one forces LOOKUP_LSEARCH if it is not set.

    # LOOKUP_WILDLSEARCH=yes
    # LOOKUP_NWILDLSEARCH=yes


    #------------------------------------------------------------------------------
    # If you have set LOOKUP_LDAP=yes, you should set LDAP_LIB_TYPE to indicate
    # which LDAP library you have. Unfortunately, though most of their functions
    # are the same, there are minor differences. Currently Exim knows about four
    # LDAP libraries: the one from the University of Michigan (also known as
    # OpenLDAP 1), OpenLDAP 2, the Netscape SDK library, and the library that comes
    # with Solaris 7 onwards. Uncomment whichever of these you are using.

    # LDAP_LIB_TYPE=OPENLDAP1
    # LDAP_LIB_TYPE=OPENLDAP2
    # LDAP_LIB_TYPE=NETSCAPE
    # LDAP_LIB_TYPE=SOLARIS

    # If you don't set any of these, Exim assumes the original University of
    # Michigan (OpenLDAP 1) library.


    #------------------------------------------------------------------------------
    # The PCRE library is required for exim. There is no longer an embedded
    # version of the PCRE library included with the source code, instead you
    # must use a system library or build your own copy of PCRE.
    # In either case you must specify the library link info here. If the
    # PCRE header files are not in the standard search path you must also
    # modify the INCLUDE path (above)
    # The default setting of PCRE_LIBS should work on the vast majority of
    # systems

    PCRE_LIBS=-lpcre


    #------------------------------------------------------------------------------
    # Additional libraries and include directories may be required for some
    # lookup styles (e.g. LDAP, MYSQL or PGSQL). LOOKUP_LIBS is included only on
    # the command for linking Exim itself, not on any auxiliary programs. You
    # don't need to set LOOKUP_INCLUDE if the relevant directories are already
    # specified in INCLUDE. The settings below are just examples; -lpq is for
    # PostgreSQL, -lgds is for Interbase, -lsqlite3 is for SQLite.

    # LOOKUP_INCLUDE=-I /usr/local/ldap/include -I /usr/local/mysql/include -I /usr/local/pgsql/include
    # LOOKUP_LIBS=-L/usr/local/lib -lldap -llber -lmysqlclient -lpq -lgds -lsqlite3

    LOOKUP_INCLUDE=-I /usr/include/mysql -I /usr/local/mysql/include/
    LOOKUP_LIBS=-L/usr/lib64/mysql -lmysqlclient

    #------------------------------------------------------------------------------
    # Compiling the Exim monitor: If you want to compile the Exim monitor, a
    # program that requires an X11 display, then EXIM_MONITOR should be set to the
    # value "eximon.bin". Comment out this setting to disable compilation of the
    # monitor. The locations of various X11 directories for libraries and include
    # files are defaulted in the OS/Makefile-Default file, but can be overridden in
    # local OS-specific make files.

    #EXIM_MONITOR=eximon.bin


    #------------------------------------------------------------------------------
    # Compiling Exim with content scanning support: If you want to compile Exim
    # with support for message body content scanning, set WITH_CONTENT_SCAN to
    # the value "yes". This will give you malware and spam scanning in the DATA ACL,
    # and the MIME ACL. Please read the documentation to learn more about these
    # features.

    WITH_CONTENT_SCAN=yes

    # If you want to use the deprecated "demime" condition in the DATA ACL,
    # uncomment the line below. Doing so will also explicitly turn on the
    # WITH_CONTENT_SCAN option. If possible, use the MIME ACL instead of
    # the "demime" condition.

    # WITH_OLD_DEMIME=yes

    #------------------------------------------------------------------------------
    # Compiling Exim with experimental features. These are documented in
    # experimental-spec.txt. "Experimental" means that the way these features are
    # implemented may still change. Backward compatibility is not guaranteed.

    # Uncomment the following lines to add SPF support. You need to have libspf2
    # installed on your system (www.libspf2.org). Depending on where it is installed
    # you may have to edit the CFLAGS and LDFLAGS lines.

    # EXPERIMENTAL_SPF=yes
    # CFLAGS += -I/usr/local/include
    # LDFLAGS += -lspf2

    # Uncomment the following lines to add SRS (Sender rewriting scheme) support.
    # You need to have libsrs_alt installed on your system (srs.mirtol.com).
    # Depending on where it is installed you may have to edit the CFLAGS and
    # LDFLAGS lines.

    # EXPERIMENTAL_SRS=yes
    # CFLAGS += -I/usr/local/include
    # LDFLAGS += -lsrs_alt

    # Uncomment the following lines to add Brightmail AntiSpam support. You need
    # to have the Brightmail client SDK installed. Please check the experimental
    # documentation for implementation details. You need to edit the CFLAGS and
    # LDFLAGS lines.

    # EXPERIMENTAL_BRIGHTMAIL=yes
    # CFLAGS += -I/opt/brightmail/bsdk-6.0/include
    # LDFLAGS += -lxml2_single -lbmiclient_single -L/opt/brightmail/bsdk-6.0/lib



    ###############################################################################
    # THESE ARE THINGS YOU MIGHT WANT TO SPECIFY #
    ###############################################################################

    # The items in this section are those that are commonly changed according to
    # the sysadmin's preferences, but whose defaults are often acceptable. The
    # first five are concerned with security issues, where differing levels of
    # paranoia are appropriate in different environments. Sysadmins also vary in
    # their views on appropriate levels of defence in these areas. If you do not
    # understand these issues, go with the defaults, which are used by many sites.
    #------------------------------------------------------------------------------
    # Exim has support for the AUTH (authentication) extension of the SMTP
    # protocol, as defined by RFC 2554. If you don't know what SMTP authentication
    # is, you probably won't want to include this code, so you should leave these
    # settings commented out. If you do want to make use of SMTP authentication,
    # you must uncomment at least one of the following, so that appropriate code is
    # included in the Exim binary. You will then need to set up the run time
    # configuration to make use of the mechanism(s) selected.

    AUTH_CRAM_MD5=yes
    # AUTH_CYRUS_SASL=yes
    AUTH_DOVECOT=yes
    AUTH_PLAINTEXT=yes
    AUTH_SPA=yes

    #------------------------------------------------------------------------------
    # Exim can be built to support the SMTP STARTTLS command, which implements
    # Transport Layer Security using SSL (Secure Sockets Layer). To do this, you
    # must install the OpenSSL library package or the GnuTLS library. Exim contains
    # no cryptographic code of its own. Uncomment the following lines if you want
    # to build Exim with TLS support. If you don't know what this is all about,
    # leave these settings commented out.

    # This setting is required for any TLS support (either OpenSSL or GnuTLS)
    SUPPORT_TLS=yes

    # Uncomment this setting if you are using OpenSSL
    TLS_LIBS=-lssl -lcrypto

    # Uncomment these settings if you are using GnuTLS
    # USE_GNUTLS=yes
    # TLS_LIBS=-lgnutls -ltasn1 -lgcrypt

    # If you are running Exim as a server, note that just building it with TLS
    # support is not all you need to do. You also need to set up a suitable
    # certificate, and tell Exim about it by means of the tls_certificate
    # and tls_privatekey run time options. You also need to set tls_advertise_hosts
    # to specify the hosts to which Exim advertises TLS support. On the other hand,
    # if you are running Exim only as a client, building it with TLS support
    # is all you need to do.

    # Additional libraries and include files are required for both OpenSSL and
    # GnuTLS. The TLS_LIBS settings above assume that the libraries are installed
    # with all your other libraries. If they are in a special directory, you may
    # need something like

    TLS_LIBS=-L/usr/lib/openssl/engines/lib -lssl -lcrypto
    # or
    # TLS_LIBS=-L/opt/gnu/lib -lgnutls -ltasn1 -lgcrypt

    # TLS_LIBS is included only on the command for linking Exim itself, not on any
    # auxiliary programs. If the include files are not in a standard place, you can
    # set TLS_INCLUDE to specify where they are, for example:

    TLS_INCLUDE=-I/usr/include/openssl/
    # or
    # TLS_INCLUDE=-I/opt/gnu/include

    # You don't need to set TLS_INCLUDE if the relevant directories are already
    # specified in INCLUDE.

    tls_advertise_hosts = *
    tls_certificate = /etc/ssl/exim.crt
    tls_privatekey = /etc/ssl/exim.key
    tls_on_connect_ports = 465
     
  5. topdog

    topdog Active Member

    Sorry, those options are for your configuration file, not your makefile.

    What Linux distro are you using, and why are you building exim from source? Are there no binary packages for your distro?
     
  6. parth_monga

    parth_monga New Member

    Sorry, my bad.

    I am using CentOS 5.4.
    I am compiling exim from the source because it's easy for me, because I have to install/deploy several webmail packages that would be serving through httpd, and for that I must remember the path to include/bin. So, for ease, on top of it I have scripts which take into account exim config by source only (predefined paths in scripts).

    Any way to sort this thing out?
     
  7. topdog

    topdog Active Member

    Are you saying that your scripts cannot use the exim provided by the CentOS rpm? How is that even possible?
     
  8. parth_monga

    parth_monga New Member

    I am not saying that it would not take; it's that I have never tried it from RPMs. Once I had, I broke all the links in my scripts and my webmail packages were not successfully deployed.
    All I am trying to say is that the post-installation scripts which I use are written keeping the source-code exim installation in mind.
     
  9. topdog

    topdog Active Member

    Okay, anyway, I would not recommend you building your own exim, but anyway let me help you with your specific error message above.

    It's because you do not have the TDB header files (tdb.h) installed.

    You need to install the libtdb-devel package.

    Code:
    yum install libtdb-devel
     
    Last edited: Mar 29, 2011
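
An added example (not code from the thread or from the Exim project): a shell check for the mistake discussed above, run-time `tls_*` options pasted into the build-time Local/Makefile, plus the repeated TLS_LIBS assignment and the headers gcc reported missing. The sample files are constructed from lines quoted in the thread, and the split between upper-case build-time macros and lower-case run-time options is used as a heuristic.

```shell
#!/bin/sh
# Added example: sanity checks for an Exim Local/Makefile and a failed build log.
# Heuristic (assumption): build-time macros are upper-case (SUPPORT_TLS, TLS_LIBS),
# run-time options are lower-case (tls_certificate, tls_on_connect_ports).

# Print lower-case "name = value" lines, i.e. run-time options that were
# pasted into the build-time Makefile by mistake.
misplaced_runtime_options() {
    sed -n 's/^[[:space:]]*\([[:lower:]][[:lower:][:digit:]_]*\)[[:space:]]*=.*/\1/p' "$1"
}

# Print every macro assigned more than once with "="; make keeps the last
# value, so an earlier TLS_LIBS line is silently overridden.
duplicate_macros() {
    sed -n 's/^[[:space:]]*\([[:upper:]][[:upper:][:digit:]_]*\)[[:space:]]*=.*/\1/p' "$1" |
        sort | uniq -d
}

# Succeed only if TLS is enabled at build time and a TLS library is named.
build_has_tls() {
    grep -Eq '^[[:space:]]*SUPPORT_TLS[[:space:]]*=[[:space:]]*yes[[:space:]]*$' "$1" &&
        grep -Eq '^[[:space:]]*TLS_LIBS[[:space:]]*=.*-l(ssl|gnutls)' "$1"
}

# List the header files gcc could not find, one per line, without duplicates.
missing_headers() {
    sed -n 's/.*error: \([^ :]*\.h\): No such file or directory.*/\1/p' "$1" | sort -u
}

# Constructed samples, cut down from the Makefile and gcc output in this thread.
sample_dir=$(mktemp -d)
cat > "$sample_dir/Makefile" <<'EOF'
SUPPORT_TLS=yes
TLS_LIBS=-lssl -lcrypto
# USE_GNUTLS=yes
TLS_LIBS=-L/usr/lib/openssl/engines/lib -lssl -lcrypto
TLS_INCLUDE=-I/usr/include/openssl/
tls_advertise_hosts = *
tls_certificate = /etc/ssl/exim.crt
tls_privatekey = /etc/ssl/exim.key
tls_on_connect_ports = 465
EOF
cat > "$sample_dir/make.log" <<'EOF'
../src/dbstuff.h:27:17: error: tdb.h: No such file or directory
../src/bmi_spam.h:13:21: error: bmi_api.h: No such file or directory
../src/srs.h:18:21: error: srs_alt.h: No such file or directory
make[1]: *** [local_scan.o] Error 1
EOF

echo "Run-time options found in the Makefile (move to the Exim configure file):"
misplaced_runtime_options "$sample_dir/Makefile"
echo "Macros assigned more than once:"
duplicate_macros "$sample_dir/Makefile"
build_has_tls "$sample_dir/Makefile" && echo "Build-time TLS support: enabled"
echo "Headers missing from the build host:"
missing_headers "$sample_dir/make.log"
```

The four `tls_*` lines it reports belong in the file named by CONFIGURE_FILE (/usr/exim/configure in the posted Makefile), not in Local/Makefile.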
