/ BLOG / Exim4, Courier, SpamAssassin and RoundCube

Having broken my non-production mail server a few days ago, I decided it was about time to actually get around to fixing it. I don’t intend using it as my primary mail server, but more as a mirror of my ISP’s account - at least until I have a private colocated box again, on a decent line that can handle my mail. Some how I don’t think my home line (read: me) will be happy with all of the various mailing lists coming at it.

Anyway, I decided tonight would be a good time to fix it. Amy’s off dancing with her mum, and other than wanting to play some games, it seemed like an ideal time. Having never actually used Exim4, Courier, and SpamAssassin it seemed like an ideal thing to waffle on about.

  1. Install what you need. As usual apt-get is king.
    apt-get install exim4-daemon-heavy courier-imap spamassassin spamc sa-exim
    Obviously accept all the various dependancies, and select multiple files for exim4, and internet site. Otherwise leave as default.
  2. Make your Maildir (I prefer this over mbox), using courier’s maildirmake command
    maildirmake ~/Maildir/
  3. Append the following to /etc/exim4/update-exim4.conf.conf
    dc_localdelivery=‘maildir_home’
  4. Edit /etc/default/spamassassin, and set ENABLE = 1
  5. Generate the new config
    update-exim4.conf
    and if that went through without any errors, check exim
    exim4 -bV
    and then restart
    /etc/init.d/exim4 start
  6. Test Exim is working, just to make sure
    exim4 -bt user@localhost
    exim4 -v AnExternalMailAccount@Domain.TLD From: user@localhost To: AnExternalMailAccount@Domain.TLD Subject: Test

    Test .

  7. If you want to be particularly shitty and reject exe’s, com’s, bat’s, etc. then add the following to /etc/exim4/conf.d/acl/40_exim4-config_check_data, before the final line, “accept”
    deny message = Serious MIME defect detected ($demime_reason) demime = * condition = ${if >{$demime_errorlevel}{2}{1}{0}}

    deny message = This server will not accept certain file attachments. \ Please resend it as a compressed archive. demime = bat:btm:cmd:com:cpl:dll:exe:lnk:msi:pif:prf:reg:scr:vbs

  8. Edit /etc/exim4/sa-exim.conf, and change the line
    SAEximRunCond: 0
    to
    SAEximRunCond: 1
  9. Now lets add support for virtual domains, in the old fashioned way.
    mkdir /etc/exim4/virtual
  10. Create a set of file, one for each of your domains.
    touch /etc/exim4/virtual/yourdomain.tld
  11. In each file, add the various aliases. The format is localpart: localuser@localhost. Wildcards are accepted.
    postmaster : user@localhost
    The usual Exim magic entries can be present in these files. For instance
    user : :fail: $local_part Does not exist postmaster : :blackhole:
  12. Now to get those virtual domains working, edit /etc/exim4/conf.d/main/01_exim4-config_listmacrosdefs, and replace the local_domains line with
    domainlist local_domains = @:localhost:dsearch;/etc/exim4/virtual
    What this should do is look up the contents of /etc/exim4/virtual. Any valid domain in here will be accepted by the server.
  13. Create /etc/exim4/conf.d/router/350_exim4-config_vdom_aliases, and add
    vdom_aliases: driver = redirect allow_defer allow_fail domains = dsearch;/etc/exim4/virtual data = ${expand:${lookup{$local_part}lsearch*@{/etc/exim4/virtual/$domain}}} retry_use_local_part pipe_transport = address_pipe file_transport = address_file no_more
    This gets the actual aliases working.
  14. Re-generate the configuration
    update-exim4.conf
  15. Restart Exim, if all went well
    /etc/init.d/exim4 restart
Courier requires no real configuration. Woohoo. I’ll have to SSL it at some point but seeing as its currently only within my physical network, I’ll change that at a later date.

One thing to finally remember is to create the Maildir in /etc/skel, and possibly .forward, which can apparently contain user defined filtering rules (and can be surprisingly powerful);

if $h_X-Spam-Status: CONTAINS “Yes” or $h_X-Spam-Flag: CONTAINS “Yes” then save Maildir/.Junk/ finish endif
Having gotten past the hard bit, its was time to play with RoundCube. As with most PHP scripts (yes, I know I’ve been trying to get rid of them, not add more), all you need to do is read INSTALL. Its very straight forward. As for how RoundCube works… I’m not entirely sure if I like it. The interface is pretty good, but I have to say its not quite as slick as Outlook Web Access (which if you ignore the whole IE-only-proprietory-experience thing, isnt too bad), Zimbra or Hula, and its missing some features; but it’s definately getting there. Most certainly much better than Horde IMP or Squirrelmail by a long shot. I’ll give it a few weeks / days, and see how things go.