Categories
Exim exim4 IMAP ldap Linux ssl Uncategorized

Hooking WP7 to exim4 and dovecot with SSL

Okay, so I go this new phone which allows me to access my gmail and hotmail accounts – I have a lot of e-mails. Part of the problem with my frazzled brain is that I setup a lot of different e-mails

Setting up Dovecot

Dovecot was remarkably simple to setup and get the authentication working. A quick follow of these instructions got the SSL connection to my phone working. I was even able to reuse my self-signed certificate which I use for other services on the same CNAME.

Setting up Exim SSL

Exim has two levels here. One is TLS/SSL setup and other is authentication. I first started with SSL to encrypt the content and authentication information. Seems obvious doesn’t it?

My system is a Ubuntu(Debian) system using the single file configuration. I find this far easier to manage.

This is where I ran into my first issue. A follow of these instructions did not fully enable the  connection with the phone.  The Exim log indicated repeated problems with the TLS connection. Not so easy after all.

Reasearch indicates that some e-mail clients are unable to use the new STARTTLS syntax and instead used a immediate jump into SSL. I would be miffed if that was the case with the Windows Phone client. I set about trying it anyway.

Exim has the setting

 tls_on_connect_ports = 465 

This initiates the SSL connection from the start. This did not work either giving other errors. It appeared that my SSL certificates were not compatible with Exim – even though they worked fine with dovecot. (see above)

However even after I used the certificate generation tool

 exim-gencert 

I still received the same errors. This was beyond my meagre skills. So I moved on, perhaps another day I will find the answer.

Setting up Exim Auth

This part of the setup was very much easier, but sorting out the Debian single file setup was a bit of fun. Not really.

As I use LDAP for authentication and mapping of the virtual e-mail addresses the basic Exim – Debian setup was required to be changed. Below is what I used and is pretty self explanatory.

plain: 
 driver = plaintext
 public_name = PLAIN
 server_condition = ${if ldapauth{user="uid=${quote_ldap_dn:$2},PEOPLE_BASEDN" pass=${quote:$3} \
 ldap://localhost/} {yes}{no}}
 server_set_id = $2

login:
 driver = plaintext
 public_name = LOGIN
 server_prompts = Username:: : Password::
 server_condition = ${if and{ {!eq{}{$1} }\
 {ldapauth{user="uid=${quote_ldap_dn:$1},PEOPLE_BASEDN" pass=${quote:$2} \
 ldap://localhost/} }} \
 {yes}{no}}
 server_set_id = $1 

Note that the PLAIN authenticator does not have prompts and that the userid is $2, because $1 is and unique ID passed through, but often not used. As well there is no empty check for userid – like there is with the LOGIN. This seemed to cause errors.

Summary

I can now read and send e-mails from my phone which is great. While the send cannot use SSL for now, this is something I hope to find an answer for.

One last issue is that the phone client likes to store outgoing e-mails in the Sent Items folder and trash in Deleted Items. This is not the standard setup that Outlook and client use so I will show you how to fix that in my next post.

Categories
email Exim exim4 filter outgoing Ubuntu

Saving away outgoing emails in Exim

In our office we use internet fax by myfax.com who are simply excellent btw. Stay away from the other guys.

Incoming faxes are dropped into a common folder via a bit of procmail script in a common user’s home folder. This user has shared folder setup, see my other post on setting up shared folders in this way.

However, from time to time there is a need for staff to see a fax, which has been sent by another colleague. Usually one colleague had to forward the e-mail to the other so they could view it.

Today, I decided that was a small simple issue that could easily be resolved. We use Exim4 as our e-mail transport. Exim4 is excellent, but I find its documentation a little on the terse side. But I persevered and found two blog entries which helped me out immensely.

The first blog explains how to setup a filter file to truly blind copy all outgoing mail from a user to another user. However for Ubuntu users the file setup mentioned will not work. Ubuntu uses the flat-file configuration to make life simpler for user, and it does! So this blog  entry sorts it all out for us.

Now if you’d rather copy it to the shared folder, and your user’s have rights you can use the Exim save command documented here. I plopped it through as e-mail and let procmail take care to drop it into the correct box.

I hope you find this of great use to you and if you have other solutions, feel free to let me know by posting below.