Forge Home

exim

A module for configuring exim

27,213 downloads

203 latest version

5.0 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 1.1.7 (latest)
  • 1.1.5
  • 1.1.4 (deleted)
  • 1.1.3
  • 1.1.2
  • 1.1.1
  • 1.1.0
  • 1.0.1
  • 1.0.0
  • 0.3.2
  • 0.3.0
  • 0.2.9
  • 0.2.8
  • 0.2.7
  • 0.2.6
  • 0.2.5
  • 0.2.4
  • 0.2.3 (deleted)
  • 0.2.2
  • 0.2.1
  • 0.2.0
  • 0.0.3
  • 0.0.2
  • 0.0.1 (deleted)
released Mar 9th 2022
This version is compatible with:
  • Puppet Enterprise 2023.2.x, 2023.1.x, 2023.0.x, 2021.7.x, 2021.6.x, 2021.5.x, 2021.4.x, 2021.3.x, 2021.2.x, 2021.1.x, 2021.0.x, 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x, 2019.1.x, 2019.0.x, 2018.1.x, 2017.3.x, 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
  • Puppet >= 4.4.0 < 8.0.0
  • , ,

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'norisnetwork-exim', '1.1.7'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add norisnetwork-exim
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install norisnetwork-exim --version 1.1.7

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download
Tags: exim, mail

Documentation

norisnetwork/exim — version 1.1.7 Mar 9th 2022

puppet-exim

The exim puppet module installes and configures exim. The goal is to support the most complex configurations and compile them into a nice, easy to read, single configuration file.

Usage with hiera

In the simpliest form, you can just include the exim class:

  classes:
  - exim

This configures exim so that it will accept mails generated on the local system, and forwards it to mail..

This will probably not work for you, so I suggest building your own custom configuration. Here is an example replicating the default config:

Load the main class. Disable the default config. Set the acl used for rcpt checking to "acl_check_rcpt" (default, shown for demonstation)

  exim::defaults: false
  exim::acl_smtp_rcpt: 'acl_check_rcpt'

Create a new, acl list named "acl_check_rcpt" :

  exim::acls:
    'acl_check_rcpt':
      statements:
        'Accept local':
          acl_id: 1
          order:  1
          action: 'accept'
          conditions:
            hosts:
            - ':'
        'Accept hostlist':
          acl_id: 1
          order:  2
          action: 'accept'
          conditions:
            hosts:
            - '127.0.0.1'
            - '@'
        'deny all':
          acl_id: 1
          order:  3
          action: 'deny'
          conditions:
            message:
            - 'relay not permitted'

Create 2 routers, one to do aliasing, and one to send mails to a remote smarthost:

  exim::routers:
    'system_aliases':
      order: 1
      driver: 'redirect'
      domains:
        - '@'
      allow_fail: true
      allow_defer: true
      data: '${lookup{$local_part}lsearch{/etc/aliases}}'
    'smarthost':
      order: 2
      driver: 'manualroute'
      transport: 'remote_smtp'
      route_list: '* mail.%{facts.networking.domain} byname'
      host_find_failed: 'defer'
      same_domain_copy_routing: true
      no_more: true

Create an smtp-transport:

  exim::transports:
    'remote_smtp':
      driver: 'smtp'

Create an address-pipe-transport:

  exim::transports:
    'address_pipe':
      driver: 'pipe'
      log_output: true
      return_fail_output: true
      exim_environment:
        - 'USER1': 'user1'
        - 'USER2': 'user2'
      path: '/usr/bin:/bin'
      timeout: '2h'
      timeout_defer: true

Create a default retry rule for all (*) mails:

  exim::retries:
    '*': {}

Usage with "classical" puppet code

In the simpliest form, you can just include the exim class:

  include exim

This configures exim so that it will accept mails generated on the local system, and forwards it to mail..

This will probably not work for you, so I suggest building your own custom configuration. Here is an example replicating the default config:

Load the main class. Disable the default config. Set the acl used for rcpt checking to "acl_check_rcpt" (default, shown for demonstation)

  class {'exim':
    defaults      => false,
    acl_smtp_rcpt => 'acl_check_rcpt',
  }

Create a new, acl list named "acl_check_rcpt" :

  exim::acl {'acl_check_rcpt':
    statements => {
      'Accept local' => {
        action     => 'accept',
        conditions => [ ['hosts',[':']] ],
      },
      'Accept hostlist' => {
        action     => 'accept',
        conditions => [ ['hosts'   , ['@','127.0.0.1']], ]
      },
      'deny all' => {
        action     => 'deny',
        conditions => [ ['message' , ['relay not permitted']], ]
      }
    }
  }

Create 2 routers, one to do aliasing, and one to send mails to a remote smarthost:

  exim::router {'system_aliases':
    order       => 1,
    driver      => 'redirect',
    domains     => ['@'],
    allow_fail  => true,
    allow_defer => true,
    data        => '${lookup{$local_part}lsearch{/etc/aliases}}',
  }
  exim::router {'smarthost':
    order                    => 2,
    driver                   => 'manualroute',
    transport                => 'remote_smtp',
    route_list               => "* mail.${facts['networking']['domain']} byname",
    host_find_failed         => 'defer',
    same_domain_copy_routing => true,
    no_more                  => true,
  }

Create an smtp-transport:

  exim::transport {'remote_smtp':
    driver          => 'smtp',
  }

Create an address-pipe-transport:

  exim::transport {'address_pipe':
    driver             => 'pipe',
    log_output         => true,
    return_fail_output => true,
    exim_environment   => [ 
      { 'USER1'          => 'user1' },
      { 'USER2'          => 'user2' } ],
    path               => '/usr/bin:/bin',
    timeout            => '2h',
    timeout_defer      => true,
  }

Create a default retry rule for all (*) mails:

  exim::retry {'*':}