Renewing exim SSL certificate without using Cpanel or exim scripts,first we have to create the certificate and replace the file with suitable permissions, follow the below steps to do.
1, Creating Self signed certificate files using Openssl.
root@server09 [~]# openssl req -x509 -newkey rsa:1024 -keyout /root/server.key -out /root/server.crt -days 365 -nodes Generating a 1024 bit RSA private key ......................++++++ .............................................++++++ writing new private key to '/root/server.key' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [GB]:IN State or Province Name (full name) [Berkshire]:Karnataka Locality Name (eg, city) [Newbury]:Banglore Organization Name (eg, company) [My Company Ltd]:Private Ltd Organizational Unit Name (eg, section) :JWH Common Name (eg, your name or your server's hostname) :server.domain.com Email Address :
2, Verify the existing location and filename and replace the files
root@server09 [~]# ll /etc/exim.key /etc/exim.crt lrwxrwxrwx 1 root root 31 2月 26 2010 /etc/exim.crt -> /var/cpanel/ssl/exim/myexim.crt lrwxrwxrwx 1 root root 31 2月 26 2010 /etc/exim.key -> /var/cpanel/ssl/exim/myexim.key mv /var/cpanel/ssl/exim/myexim.crt /var/cpanel/ssl/exim/myexim.crt_30_5_2013 mv /var/cpanel/ssl/exim/myexim.key /var/cpanel/ssl/exim/myexim.key_30_5_2013 mv /root/server.key /var/cpanel/ssl/exim/myexim.key mv /root/server.crt /var/cpanel/ssl/exim/myexim.crt chmod 660 /etc/exim.key /etc/exim.crt /var/cpanel/ssl/exim/myexim.key /var/cpanel/ssl/exim/myexim.crt chown mailnull.mail /etc/exim.key /etc/exim.crt /var/cpanel/ssl/exim/myexim.key /var/cpanel/ssl/exim/myexim.crt
3, Restart exim
root@server09 [~]# service exim restart
Iam getting email failure messages from a domain hosted in our server, The content like “Domain domain.com has exceeded the max defers and failures per hour (5/5 (100%)) allowed” .
Chances are your client has triggered a fail safe in Exim that restricts them from sending any email out of your server. This event is triggered when an account sends email to addresses that fail or defer more than the set limit. If we limit set within the WHM is 50% or lower mail will now be rejected when that account sends more email andif any 5 email failures.
Here’s how you can change the threshold or disable this feature!
Log into the WHM as root
Click tweak settings
Click the Mail tab
Scroll down and find the “Maximum percentage of failed or deferred messages a domain may send per hour” setting
Change the % or you can disable this feature by selecting the Unlimited option
Maximum percentage of failed or deferred messages a domain may send per hour