SMTP relay with Exim4

Context

Servers are made to send email notifications to administrators, and you need to receive them. Don’t believe me?

  • Linux sends emails to root when a crontab has an output.
  • Linux notifies you updates (apticron)
  • SQL Server reports error and job status
  • Your DRAC or other management system is dying to talk to you about it’s hardware problems
  • A bunch or your apps is eager to send you reports

The problem is that all products are different and it’s very time consuming to make a proper configuration on each system.

Even worst, doing so makes changing any parameter a big task, imagine the email password of the dedicated email expiring…

Let’s makes things easier for you, you deserve it

Let’s fix this once and for all because, let’s face it, you have a lot more to do.

The plan

Let’s setup an Exim4 relay to ease the configuration of all your systems.

In which cases it’s a good idea:

  • Your servers are in a private network
  • You have a management network

In which cases it’s NOT a good idea:

  • Your servers are out in the open

Why? Well, we are setting up a relay and for compatibility and simplicity there is no encryption (Yes, some applications won’t support sending emails over SSL!). Is it that bad? Not really as long it’s an isolated network you trust!

The biggest risk would be if you were sending critical information such as password using that relay. I consider an application like that should have a dedicated email account/configuration so I’m not too worried about that.

But that’s not all, if your SMTP relay is out in the internet, it will be pray to spammers unless very strictly protected by a firewall.

Requirements:

I recommend you get a dedicated system for this task. The reason is that you don’t want to have it to go down because some app needed a server restart.

I use a minimal (256MB RAM, 8GB HDD) XenServer VM running Debian.

The amount of processing power required is really low, even a RaspberryPi is up to the task!

Installation:

apt-get update
apt-get install exim4

Configuration:

Considering a relay for the corporate email domain my-domain.com, SMTP address smtp.my-domain.com and with a local domain (AD?)  of my-domain.local:

dpkg-reconfigure exim4-config

exim4-relay-1 exim4-relay-2 exim4-relay-3 exim4-relay-4 exim4-relay-5 exim4-relay-6

Here you want to make sure you are using SSL!

exim4-relay-7 exim4-relay-8


Now time to set the credentials of the account:

nano /etc/exim4/passwd.client

Edit such as:

smtp.my-domain.com:[email protected]:my_password

Where:

  • smtp.my-domain.com is the address of the smtp server
  • [email protected] is the email account used to send the emails
  • my_password is the email account password

Now a reload of the configuration is required:

/etc/init.d/exim4 restart

Test!

The configuration with sendmail:

sendmail -v [email protected]
After pressing <enter>, write a few lines then press Ctrl+D the send the email.

5 Comments

  1. felice January 1, 2016 11:44 pm  Reply

    How to relay this mail server by sending email using php script?

    • Martin DENIZET April 19, 2016 5:17 am  Reply

      Just use your normal PHP mailing function configured with localhost.
      Cheers,

  2. tdwong February 25, 2016 9:19 am  Reply

    I think there is a missing step after editing the passwd.client file. You need to do,
    $ sudo update-exim4.conf
    before restarting exim4

    • Martin DENIZET April 19, 2016 5:14 am  Reply

      Hello,
      Thank you for your comment!
      From my experience, there is no need to “recompile” the conf after editing passwd.client.
      Please tell me if you experienced otherwise, maybe the behavior changed in Debian 8 and I didn’t realize it.
      Cheers!

Leave a Reply