This is part of The Pile, a partial archive of some open source mailing lists and newsgroups.
Date: Wed, 24 Jul 2002 14:43:09 -0700 From: J C Lawrence <claw@kanga.nu> To: svlug@lists.svlug.org Subject: [svlug] TMDA, Exim, and nmh Those using or interested in using TMDA might be interested in my notes on using nmh under TMDA (http://tmda.net/). Using TMDA under nmh atop Postfix or Exim is problemic. Reasons: nmh, like MH, by default delivers outbound mail via SMTP to port 25 on a defined host. The port number cannot be configured (it calls getservbyname() which does a lookup against "smtp" in /etc/services). Ergo, you are constrained to use tell nmh to use tmda-sendmail instead of SMTP. Using sendmail as the delivery method under MH instead of SMTP is not recommended as is loses a number of useful bits of robustness in mail delivery failure modes. Further, when nmh is configured to use sendmail instead of SMTP nmh's whom tool calls sendmail as follows: .../sendmail/ -m -t -i -bv which creates problems: Postfix does not support "-bv" and returns in error Exim does not support "-t" with "-bv" and returns in error Don't mention Qmail. I won't use it. "whom" is far too useful as a component tool in MH to lose. I've worked out a hack to use TMDA with Exim while retaining nmh's "whom" support using Exim's system filter: 0) Make sure that the following options are set in ~/.tmda/config: DATADIR ALLOW_MODE_640 CRYPT_KEY_FILE FINGERPRINT 1) chgrp everything in and under ~/.tmda to group "mail". 2) Configure Exim as per the current TMDA HOW-TO. 3) Set the following options in exim.conf: message_filter = "/etc/exim/filter" message_filter_pipe_transport = address_pipe 4) /etc/exim/filter reads: # Exim filter testprint "local_part: ${local_part: $h_From:}" testprint "domain: ${domain: $h_From:}" if "$h_X-tmda-fingerprint:" is "" and "${domain: $h_From:}" is "kanga.nu" and "${if exists {/home/${local_part:$h_From:}/.tmda} {true}{false}}" is "true" then pipe "/usr/bin/tmda-inject -c /home/${local_part:$h_From:}/.tmda/config" finish endif Yes, that assumes that all user directories are under /home and that they use ~/.tmda/config instead of ~/.tmdarc. Hack appropriately for your setup. Basic explanation: Exim sends all outbound mail thru the system filter (if one is configured) before attempting delivery. The above system filter extracts the user from the From: address and pipes the message thru that user's TMDA setup via tmda-inject. The system filter runs as the same user as Exim, thus the requirement for the chgrp mail. If your Exim installation runs as a different user, chgrp as appropriate. Notes: This requires that all outbound mail that is to be processed with TMDA has a From: header which references a local user (suffixes are fine), and that the From: address is fully qualified with a known domain. If you're vhosting the above setup would be fairly trivial to extend for other domains and $HOME paths. I'm not vhosting on my desktop and so don't care. You could also qualify on envelope or other headers if you wish. Caveat Emptor. ObNote: I've also written a small patch against TMDA 0.58 to add a "hold" delivery method (identical to "confirm" except it sends no confirmation requests -- very useful for testing configs or doing silent sidetracking of mail). ===