This page outlines how to configure Majordomo 1.94.5 and Exim 4.x to work together. It is not the only method for doing so.
Typo cleanup, move virtual domains out of basic configuration section, add demime information.
Rough Draft
You should be generally familiar with the basic features of Exim 4.x. You should be working with Majordomo 1.94.5, which will probably be the last released version of Majordomo 1 (Majordomo 2 is a completely different piece of software from Majordomo 1). You will need root access on the server to perform this installation. You should familiarize yourself with the Majordomo FAQ and the installation procedures. The differences between the stock Majordomo installation using Sendmail as the MTA and an installation using Exim as the MTA are small, and the basic instructions for installing Majordomo should be followed.
This section details things that are to be set up in the Exim configuration file, and the setup of the alias files.
In the main configuration section, add the majordomo user to trusted users (this is usually "majordomo"):
trusted_users = exim : majordomo
You may also want to add some other tuning parameters in the main configuration section. Note that these are only suggestions; you should familiarize yourself with these parameters and adjust them to suit.
delay_warning = 0s deliver_queue_load_max = 99 ignore_bounce_errors_after = 0s return_size_limit = 10000 queue_only_load = 3 queue_run_max = 5 smtp_accept_queue = 10 strip_trailing_dot split_spool_directory remote_max_parallel = 40
Exim's router mechanism is very powerful, and we can use it to hide the -out/-outgoing aliases from external users. Exposure of the outgoing aliases has been a significant security problem with Majordomo 1.x installations, and I strongly recommend setting it up this way. First, we set up the publically visible addresses using a redirect driver. The domain in this case is example.com, and we are placing the file of public aliases in "/usr/share/exim/aliases/example.com". The transport majordomo_pipe is discussed later; it is not a standard exim transport and we will have to create it in the transport section of the configuration file.
majordomo_aliases: driver = redirect allow_defer allow_fail data = ${lookup{$local_part}lsearch{/usr/local/share/exim/aliases/example.com}} domains = example.com file_transport = address_file pipe_transport = majordomo_pipe retry_use_local_part no_rewrite user = majordomo
A basic alias file entry is as follows. This alias file entry assumes that majordomo is installed in /usr/majordomo/1.94.5.
sample: "|/usr/majordomo/1.94.5/wrapper resend -l sample -h example.com -f owner-sample sample-out@example.com" sample-digest: sample@example.com sample-request: "|/usr/majordomo/1.94.5/wrapper majordomo -l sample" sample-digest-request: "|/usr/majordomo/1.94.5/wrapper majordomo -l sample-digest" owner-sample-out: listadmin@example.com sample-approval: listadmin@example.com sample-digest-approval: listadmin@example.com owner-sample-digest-outgoing: listadmin@example.com owner-sample: listadmin@example.com owner-sample-digest: listadmin@example.com sample-owner: listadmin@example.com sample-digest-owner: listadmin@example.com
Experienced majordomo admins will recognize that there are no outgoing aliases here. This is what the next router is for. Note the condition, the purpose of which is to restrict access to local, non-tcp access.
majordomo_private: driver = redirect allow_defer allow_fail condition = "${if eq {$received_protocol} {local} \ {true} {false} }" data = ${lookup{$local_part}lsearch{/usr/local/share/exim/aliases/example.com-private}} domains = example.com file_transport = address_file pipe_transport = majordomo_pipe retry_use_local_part user = majordomo
The alias file entry for the -outgoing aliases is as follows.
sample-out: "|/usr/majordomo/1.94.5/wrapper digest -r -C -l sample-digest sample-digest-outgoing@example.com",:include:/tools/majordomo/install/lists/sample sample-digest-outgoing: :include:/tools/majordomo/install/lists/sample-digest
The stock pipe transport can certainly be used, but it will send the list admin annoying messages whenever majordomo operates successfully. Instead of using it, create the following transport, which only sends output to the admin when the operation fails.
majordomo_pipe: driver = pipe group = daemon return_fail_output user = majordomo
This section will eventually contain additional instructions on how to use demime and mhonarc with majordomo and exim.
What follows are alias file entries modified to use an alternate .cf file for majordomo. This alternate .cf file tells majordomo what domain to use in representing itself to the outside world. The first block of entries is from the public alias file, and resend and majordomo both take -C options followed by the path to the alternate .cf file:
sample: "|/usr/majordomo/1.94.5/wrapper resend -C /usr/majordomo/1.94.5/example.com.cf -l sample -h example.com -f owner-sample sample-out@example.com" sample-digest: sample@example.com sample-request: "|/usr/majordomo/1.94.5/wrapper majordomo -C /usr/majordomo/1.94.5/example.com.cf -l sample" sample-digest-request: "|/usr/majordomo/1.94.5/wrapper majordomo -C /usr/majordomo/1.94.5/example.com.cf -l sample-digest"
The changed alias file entry for the -outgoing aliases is as follows. Note that the digest perl script is funky; the option for a non-default config file is -c, not -C.
sample-out: "|/usr/majordomo/1.94.5/wrapper digest -r -C -c example.com.cf -l sample-digest sample-digest-outgoing@example.com",:include:/tools/majordomo/install/lists/sample sample-digest-outgoing: :include:/tools/majordomo/install/lists/sample-digest
Demime is a useful tool for removing attachments and html email from postings and administrative requests. Demime may be found at http://scifi.squawk.com/demime.html. Use of the current version of Demime is recommended; earlier versions require slightly different setup in the Exim configuration file and the alias file.
While it is possible to use Demime in an Exim transport filter, the current version of Demime functions best in the aliases file. In our example, Demime is used both to clean postings being sent to the lists and to clean postings being sent to the -request address. By adding Demime to the -request alias, we can clean out html email so that users who have difficulties sending text-only email can still send majordomo commands and have them work.
The following is what a public alias file might contain if Demime is in use:
sample: "|/usr/local/share/demime '|/usr/majordomo/1.94.5/wrapper resend -l sample -h example.com -f owner-sample sample-out@example.com'" sample-digest: sample@example.com sample-request: "|/usr/local/share/demime '|/usr/majordomo/1.94.5/wrapper majordomo -l sample'" sample-digest-request: "|/usr/local/share/demime '|/usr/majordomo/1.94.5/wrapper majordomo -l sample-digest'"
A section on MHonArc is in preparation.