Setting up Exim4 with GMail and 2-factor Authentication

by | July 26, 2016

Setting up Exim 4 is relatively easy on Debian, especially if you’re only sending mail to yourself (i.e. Server messages, Forget Password requests, etc). Because I have home-level Internet service from my Canadian ISP, I can’t host mail directly on this box – but I also don’t want to rely on Shaw’s mail servers if I ever change service later on in life.

Because I don’t rely on my ISP’s servers, I can use GMail’s servers. I use GMail all the time for my personal and non-profit emails, and I know their service works as probably one of the best in the industry. Yes, I know my mail is stored outside my control, but it’s free.

If you aren’t paying for the commercial product, you are the product
– A quote I live by

I also use 2-factor authentication for my GMail account. This can present a great solution, as I can generate an App Password that stays with the device, even after password changes. Generate one, and save the 16-character alphanumeric password – once the screen disappears with the password, it is never displayed again! Follow their advice, and only put it in to the one thing you choose to use it with – anything that does not support 2-factor authentication!

Next up, make sure you have the Exim server installed. Run (as root or sudo) apt-get install exim4 to get the software package (it’s a meta package), then we can configure it. The rest of this tutorial is adapted from Debian’s Documentation, but altered with the commands actually used

Next, run dpkg-reconfigure exim4-config, and answer the questions as indicated below:

  • mail sent by smarthost; no local mail
  • System mail name: localhost
  • IP-addresses to list on for incoming SMTP connections: 127.0.0.1 ; ::1
  • Other destinations for which mail is accepted: <blank>
  • Visible domain name for local users: localhost
  • IP address or host name of the outgoing smarthost: smtp.gmail.com::587 (note the double-colons between the hostname and the port number)
  • Keep number of DNS-queries minimal: No
  • Split configuration into small files: No

Next, open up /etc/exim4/passwd.client and enter the following line:

*.google.com:emailaddress@gmail.com:AppPasswordHere

Save the file, and exit. It should have 640 permissions. Finally, to save the settings and restart Exim, enter the following:

update-exim4.conf
service exim4 restart

Next, try to send an email out:

mail root
Subject: Subject line here
Enter whatever giberrish here you want
Ctrl+D

If you did it right, it should relay through to Gmail’s servers, and be in your inbox. This is a quick-and-dirty way of getting mail sending from your server.

One thought on “Setting up Exim4 with GMail and 2-factor Authentication

  1. Pingback: Troubleshooting your Exim Server - Talk About IT!