... | ... | @@ -267,6 +267,50 @@ For debugging, you can make SMTP client sessions verbose in Postfix: |
|
|
example, you can try to force the authentication mechanism to
|
|
|
`cram-md5` this way.
|
|
|
|
|
|
### Exim4 client configuration
|
|
|
|
|
|
You can configure your Exim to send mails which you send `From:` your `torproject.org` email via the TPI submission service, while leaving your other emails going whichever way they normally do.
|
|
|
|
|
|
These instructions assume you are using Debian (or a derivative), and have the Debian semi-automatic exim4 configuration system enabled, and have selected "split configuration into small files". (If you have done something else, then hopefully you are enough of an Exim expert to know where the pieces need to go.)
|
|
|
|
|
|
1. Create `/etc/exim4/conf.d/router/190_local_torproject` containing
|
|
|
|
|
|
```
|
|
|
smarthost_torproject:
|
|
|
debug_print = "R: Tor Project smarthost"
|
|
|
domains = ! +local_domains
|
|
|
driver = manualroute
|
|
|
transport = smtp_torproject
|
|
|
route_list = * submission.torproject.org
|
|
|
same_domain_copy_routing = yes
|
|
|
condition = ${if match{$h_From:}{torproject\.org}{true}{false}}
|
|
|
no_more
|
|
|
```
|
|
|
|
|
|
2. Create `/etc/exim4/conf.d/transport/60_local_torproject` containing (substituting your TPI username):
|
|
|
```
|
|
|
smtp_torproject:
|
|
|
driver = smtp
|
|
|
port = 587
|
|
|
return_path = USERNAME@torproject.org
|
|
|
hosts_require_auth = *
|
|
|
hosts_require_tls = *
|
|
|
```
|
|
|
|
|
|
3. In `/etc/exim4/passwd.client` add a line like this (substituting your TPI username and password):
|
|
|
```
|
|
|
*.torproject.org:USERNAME:PASSWORD
|
|
|
```
|
|
|
|
|
|
4. Run `update-exim4.conf` (as root).
|
|
|
|
|
|
5. Send a test email. Either examine the `Received` lines to see where it went, or look at your local `/var/log/exim4/mainlog`, which will hopefully say something like this:
|
|
|
```
|
|
|
2022-07-21 19:17:37 1oEajx-0006gm-1r => ...@torproject.org R=smarthost_torproject T=smtp_torproject H=submit-01.torproject.org [2a01:4f8:fff0:4f:266:37ff:fe18:2abe] X=TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256 CV=yes DN="CN=submit-01.torproject.org" A=plain K C="250 2.0.0 Ok: 394 bytes queued as C3BC3801F9"
|
|
|
```
|
|
|
|
|
|
By default authentication failures are treated as temporary failures. You can use `exim -M ...` to retry messages. While debugging, don't forget to `update-exim4.conf` after making changes.
|
|
|
|
|
|
## Pager playbook
|
|
|
|
|
|
No pager playbook has been built yet. See the [Monitoring and
|
... | ... | |