FS#6004 - TLS-support in Exim

Attached to Project: Arch Linux
Opened by Erik Grinaker (erikg) - Thursday, 14 December 2006, 00:46 GMT
Last edited by Andreas Radke (AndyRTR) - Sunday, 18 November 2007, 21:34 GMT
Task Type Feature Request
Category Packages: Extra
Status Closed
Assigned To Tobias Powalowski (tpowa)
Aaron Griffin (phrakture)
Andreas Radke (AndyRTR)
Architecture All
Severity Low
Priority Normal
Reported Version 0.7.2 Gimmick
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 1
Private No

Details

Exim isn't built with support for TLS/SSL, which me from using encrypted email transfers.

Enabling it would introduce a dependency on OpenSSL, but as many other packages (including fairly basic ones like openssh, python, and wget) already depend on it I assume most people already have it installed.
This task depends upon

Closed by  Andreas Radke (AndyRTR)
Sunday, 18 November 2007, 21:34 GMT
Reason for closing:  Fixed
Comment by Erik Grinaker (erikg) - Thursday, 14 December 2006, 01:09 GMT
Here's a patch for building with TLS support
   exim-tls.patch (1 KiB)
Comment by Aaron Griffin (phrakture) - Wednesday, 24 October 2007, 17:42 GMT
Looks ok to me - you guys were the last ones to rebuild exim - any problems if I make this change tonight?
Comment by Fabian Walther (Namru) - Wednesday, 24 October 2007, 18:46 GMT
i used another patch now since 4.66 i found it for some time in arch forum

this lines for TLS:
sed 's|^# SUPPORT_TLS.*$|SUPPORT_TLS=yes|' | \
sed 's|^# TLS_LIBS.*$|TLS_LIBS=-L/usr/lib -lssl -lcrypto|' | \
sed 's|^# TLS_INCLUDE.*$|TLS_INCLUDE=-I/usr/include/openssl|' | \

and this for dovecot auth.
pacman -Qs dovecot
local/dovecot 1.0.3-2
An IMAP and POP3 server written with security primarily in mind
With this line you can use a running dovecot imap server for user auth.
It works also with TLS and auth modes like CRAM-MD5

sed 's|^# AUTH_DOVECOT=yes$|AUTH_DOVECOT=yes|' | \


regards
   eximNamru.patch (0.9 KiB)
Comment by Tobias Powalowski (tpowa) - Thursday, 25 October 2007, 05:43 GMT
i don't use exim so please go ahead, if you use it aaron :)
Comment by Arvid Picciani (aep) - Thursday, 15 November 2007, 14:22 GMT
tonight, eh?
it's the third update my mailserver 'sploded now. are you seriously using a mailserver without tls?
Comment by Aaron Griffin (phrakture) - Thursday, 15 November 2007, 16:47 GMT
I'm not using a mailserver at all - I don't use exim, and adopted this package it's important.

You ARE welcome to rebuild with ABS if I'm to slow for you, and, in fact, it's the recommended way to do these things until we fix them. It's YOUR machine you're running, not ours.

Comment by Aaron Griffin (phrakture) - Thursday, 15 November 2007, 17:13 GMT
Ok, package built and put in testing i686.

Please let me know if it works for you, and I will rebuild for both architectures.
Comment by Arvid Picciani (aep) - Thursday, 15 November 2007, 20:01 GMT
works for me. thanks alot aaron.
yes i could use abs, but for a production server (uh hey yes i know i'm crazy using arch on that, bu i dont want anythong non arch anymore :D ) it's a bit messy to recompile exim every update.
Comment by Fabian Walther (Namru) - Thursday, 15 November 2007, 20:25 GMT
thx,
works also for me.

Loading...