exim tweak: only allow smtp auth login if encryption is enabled

J

jigster

Verified User
Joined
Jul 23, 2021
Messages
89
I want to do the exim tweak How to only allow smtp auth login if encryption is enabled but I prefer not to edit exim.conf directly so I can keep the DA setting eximconf set to yes. Right below the authenticators section in exim.conf there's:

.include_if_exists /etc/exim.authenticators.post.conf
Click to expand...

Anyone see any issues putting the mods in there instead of exim.conf? Does that file get overwritten during updates?

Thanks
 
OK it can't go in /etc/exim.authenticators.post.conf as exim throws errors about there being two authenticators sections. Any other ideas, or is the only way to set eximconf to no and edit exim.conf directly?
 
Hello,

You might use CustomBuild hooks and apply your custom patch for exim.conf every time you install/update exim.conf. Something like:

Code: 
mkdir -p /usr/local/directadmin/custombuild/custom/hooks/exim_conf/post/
cd /usr/local/directadmin/custombuild/custom/hooks/exim_conf/post/
touch patch_exim_conf.sh
chmod 750 patch_exim_conf.sh

Then use Bash/PHP/Perl or other programming language and add your commands inside of patch_exim_conf.sh to patch exim.conf.
 
Exactly what I was after, thanks!! My script looks like:

Code: 
#!/bin/sh

# patches /etc/exim.conf after every exim.conf install/update
# see https://docs.directadmin.com/other-hosting-services/exim/configuring-exim.html#how-to-only-allow-smtp-auth-login-if-encryption-is-enabled

sed -E -i.bak 's/^([[:space:]]*)server_set_id = \$[0-9]+$/&\n\1server_advertise_condition = \${if def:tls_in_cipher}/' /etc/exim.conf

service exim restart

I also did
Code: 
ln -s /usr/local/directadmin/custombuild/custom/hooks/exim_conf /usr/local/directadmin/custombuild/custom/hooks/eximconf
to alias eximconf in case I ever copy ./build eximconf code from the docs where it does appear sometimes instead of ./build exim_conf. Just to be sure the patch is always implemented no matter how the build is done. It would be good if the ...hooks/eximconf and ...hooks/exim_conf were aliased by DA automatically, but this works fine anyway.
 
OK, since directadmin installs exim.conf on exim update you might want to run this one too:

Code: 
ln -s /usr/local/directadmin/custombuild/custom/hooks/exim_conf  /usr/local/directadmin/custombuild/custom/hooks/exim
 
You must log in or register to reply here.
Back
Top