Re: [Exim] Security Considerations (AUTH + shadow)

Top Page
Delete this message
Reply to this message
Author: Lukasz Grochal
Date:  
To: exim-users
Subject: Re: [Exim] Security Considerations (AUTH + shadow)
Phil Pennock <Phil.Pennock@???> writes:

> I forget the name, but search the mailing-list archives - it was
> something like "pam_file", I think.


It's called pam_pwdfile and full setup could look like:

auth            required        pam_pwdfile.so  pwdfile /etc/some_file
account         required        pam_permit.so


Still, it requires /etc/some_file to be readable by exim user (group).
But the authenticator entries get very ellegant this way ;)
Additionally - you can use the same pam setup for POP3 authentication
making it totally independant from shell account passwords. More than
that, this doesn't require shell accounts at all - just mailboxes
and corresponding password file entries.

--
(-) Łukasz Grochal