[Pkg-exim4-users] Configuring Exim for home network
David Witbrodt
dawitbro at sbcglobal.net
Sat Jan 10 18:36:48 UTC 2009
Hello,
Is my understanding correct that this list is for user-level
problems, and not for developer and package maintainer issues?
During the holiday, I wanted to configure Exim to serve the machines
on my home network, which consists of 3 self-built PCs, a DLink 4-port
home gateway/switch, a DSL modem, and AT&T/Yahoo as my ISP.
My current arrangement is to connect all 3 PCs to the DLink, which
prevents connections initiated from outside. Later, I will be placing
one PC into a DMZ between the modem and the gateway, and keeping the
other two behind the gateway.
Looking ahead to that later arrangement, I wanted to experiment
with configuring my home network to handle mail this way:
1) mail headed outside the home network has to use the ISP SMTP server
(ISP policy), and the ISP uses SMTPS -- all transactions encrypted
using SSL over port 465 -- which is not supported by exim4 when used
as a client
2) incoming mail should be stored on a single machine so that I have
only one inbox (and set of folders for saved messages) that can be
accessed from any of the 3 home network machines using any OS
3) the common inbox/saved-folders should be served up via IMAP
4) mail sent outside the network must have headers rewritten to match
my ISP account username
5) mail between the 3 home network machines must not have its
headers rewritten
To accomplish this:
- I decided to let one machine be a smarthost for the others; I set up
this machine to send all email headed toward the internet to my ISP's
SMTP server as a smarthost
- I used the 'stunnel4' package to make it possible to use exim4 to
send outgoing messages to my ISP
- I had to write a new router to handle the machines on my network:
the default debconf setup when selecting smarthost is to send it all
messages, but I wanted email headed toward one of _my_ machines to
_not_ be sent to the smarthost
- I had to modify the default "smarthost:" router and the default
transport "remote_smtp_smarthost:" to interact well with the SSL
tunnel -- including allowing cleartext username and password
transactions (AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS in
exim4.conf.localmacros) and sending to the newly-configured port on localhost
instead of default port 25 (with the tunnel encrypting everything, so
that nothing actually ends up being sent in the clear)
- I had to modify the header-rewriting macros,
REMOTE_SMTP_HEADERS_REWRITE and REMOTE_SMTP_RETURN_PATH, so that messages staying inside
of my home network did not get rewritten
- since one of my machines acts as a local smarthost for the other 2,
I used 'dpkg-reconfigure exim4-config' on each of those client
machines to set the third machine as their smarthost; on that third
machine I listed those 2 client machines as both relay-to domains and
as relay-from machines, and I configured '/etc/email-addresses' so
that headers would be rewritten correctly for the purpose of avoiding
rejections from the ISP server.
- I used Courier IMAP to serve the Maildir inbox and saved-message
dirs to all 3 machines (though 'mutt' and 'mail' can access the inbox
without using IMAP on the internal smarthost machine)
After many days of Googling, reading local documents and man pages,
and finally reading quite a bit of
/usr/share/doc/exim4-base/spec.txt.gz
I was able to get everything working the way I planned. But, I am
still uncertain about whether I have done things "The Right Way," and
was wondering whether this list is a place where I could find people
who are experienced with exim4 and willing to look at my changes and
tell me if I've done things in ways that are wrong, bad, or stupid.
So, can I get help here? Or should I go elsewhere?
Dave W.
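
Added example, not taken from the post above or from the exim4 packaging: a stunnel client service for the kind of SMTPS tunnel the message describes, showing the settings that matter once Exim is allowed to send AUTH in cleartext to the tunnel. The host name smtp.isp.example, local port 2525, service name and file path are placeholders, and the option names are those of current stunnel 5.x.

```ini
; /etc/stunnel/stunnel.conf -- client side of the SMTPS tunnel
; Constructed example: host name, port 2525 and service name are placeholders.

; stunnel initiates TLS toward the ISP instead of accepting it
client = yes

[isp-smtps]
; Bind to loopback only. With AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS set, Exim
; sends the ISP username and password unencrypted to this port, so it must
; not be reachable from the LAN or, later, from the DMZ side.
accept = 127.0.0.1:2525

; Implicit-TLS SMTP (SMTPS) endpoint at the ISP
connect = smtp.isp.example:465

; Weak setup: with no verification options stunnel still encrypts the
; session but does not authenticate the peer, so whoever answers on
; port 465 receives the password Exim sent in the clear to the tunnel.

; Corrected setup: require a certificate chain that validates against the
; system CA bundle (Debian path) and whose name matches the ISP host.
verifyChain = yes
CAfile = /etc/ssl/certs/ca-certificates.crt
checkHost = smtp.isp.example
```

On the older stunnel 4.x series the chain check was written as verify = 2 together with CAfile.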