Sunday, April 20, 2014

How to setup exim4 on Debian to use Gmail

Why bother configuring an SMTP mail server on your Linux desktop? Especially if you can send and receive all your emails within a web browser using your Gmail account, or with an email client such as Thunderbird.

My reasons are twofold:

  • Some applications running on my desktop require SMTP to be set up.

    My desktop computer is used to stage a WordPress blog. For WordPress to send email, an SMTP server is required.

  • To redirect local root emails.

    Some programs such as sudo send emails to alert the root user of critical security events. For instance, after 3 failed sudo login attempts. But unless these emails are forwarded to an Internet email account that I actually monitor, they are useless.

This post is about configuring exim4, the default mail server on Debian wheezy.

I assume that

  • exim4 is already installed
  • You have a valid Google Gmail account.

Follow the steps below to configure exim4 to send all outbound emails to a remote "smarthost", namely the Google Gmail SMTP server. The smarthost will take care of forwarding the emails to their final destinations.

  1. Reconfigure exim4.

    By default, exim4 is set up for local email delivery only: no emails to remote domains. You can reconfigure the application using the dpkg-reconfigure command or edit directly the configuration file (/etc/exim4/update-exim4.conf.conf).

    $ sudo dpkg-reconfigure exim4-config
    

  2. Specify exim4 parameters.

    When prompted by dpkg-reconfigure, enter the following values for the respective exim4 parameters.

    Parameters Values
    General type of mail configuration mail sent by smarthost; received via SMTP or fetchmail
    System mail name localhost
    IP addresses to listen on for incoming SMTP connections 127.0.0.1
    Note: external connections are refused.
    Other destinations for which mail is accepted Leave empty.
    Machines to relay mail for Leave empty.
    IP address or host name of the outgoing smarthost smtp.gmail.com::587
    Hide local mail name in outgoing mail? No
    Keep number of DNS-queries minimal (Dial-on-Demand)? No
    Delivery method for local mail mbox format in /var/mail/
    Split configuration into small files? No
  3. Provide the Gmail account and password.

    Append the following to /etc/exim4/passwd.client with the proper Gmail account and password:

    *.google.com:yourAccount@gmail.com:yourPassword
    

    This password file contains sensitive account information. You should verify its file permissions and ownership.

    $ ls -al /etc/exim4/passwd.client
    -rw-r----- 1 root Debian-exim 252 Mar 25 17:24 /etc/exim4/passwd.client
    

    If they are different from the above, use the following commands to set file permissions and ownership.

    $ sudo chown root:Debian-exim /etc/exim4/passwd.client
    $ sudo chmod 640 /etc/exim4/passwd.client
    
  4. Reload exim4.
    $ sudo update-exim4.conf
    $ invoke-rc.d exim4 restart
    [ ok ] Stopping MTA for restart: exim4_listener.
    [ ok ] Restarting MTA: exim4.
    $ exim4 -qff
    

    The -qff parameter forces a delivery attempt for every message, whether frozen or not.

To test, send an email to yourself, and check your Inbox:

$ echo test only | mail -s 'Test Subject' myAddress@gmail.com

If you open the email, you will see that the From address in the email header is the Gmail account which you configured in /etc/exim4/passwd.client.

If you experience any issue with exim4, check its log file located at /var/log/exim4/mainlog.

Now that an SMTP server is set up, my next post explains how to redirect local root emails to an Internet email account of your choice.

13 comments:

Unknown said...

Good post, thank you!

Unknown said...
This comment has been removed by the author.
Anonymous said...

thanks for the help been searching for a solution for this for some time.

Unknown said...

Thanks. Pretty easy, it works !
The first send attempt failed. Actually Google has reinforced their security. I then received an email from them "we recently blocked a sign-in attempt to your google account". I just had to click the link to activate "the less secure apps" mode. Once done, I am now able to send mail from exim4 :)

runester said...

Worked perfectly; thank you for writing this up and being so clear!

Ahmad Kharbat said...

Perfect solution! Thank you very much

Anonymous said...

GREAT tutorial. Also next Post "Redirect local emails to a remote email account". Thank you!

Devuan User said...

Bravo! I finally got it working. Thanks a bunch.

Lnus Torvald said...

nice guide! thanks

Unknown said...

* On Debian 8 Jessie
Replace : "invoke-rc.d exim4 restart"
by : "sudo systemctl restart exim4.service"

* don't forget to allow less secure apps on gmail :
https://www.google.com/settings/security/lesssecureapps

Thank's a lot for the help !

Anonymous said...

Merci de ton aide.
Jean Louis
Debian9 - Exim4 - SMTP Gmail

Anonymous said...

Works like a charm - well written. Thanks so much.

Web Hosting said...

Tested 3 times on a fresh vps, and finally got it working on the 3rd.