[Exim] Testing client Authentication

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Donald Thompson
Data:  
Para: exim-users
Asunto: [Exim] Testing client Authentication
I'm trying to get a dialup linux box client to use an exim server as a
smarthost. The authentication mechanisms on the server work fine as far as
I can tell. They advertise PLAIN and LOGIN AUTH mechanisms upon
connection. However it appears to me the client doesn't bother trying to
authenticate and I end up with a relaying denied.

On the client exim config file I have:

In TRANSPORTS CONFIGURATION

remote_smtp:
driver = smtp
port = 9671
authenticate_hosts = mysmarthost.smarthost.com


In ROUTERS CONFIGURATION

smarthost:
driver = domainlist
transport = remote_smtp
route_list = "* mysmarthost.smarthost.com bydns_a"

In AUTHENTICATION CONFIGURATION

plain:
driver = plaintext
public_name = PLAIN
client_send = ^user^password

And heres the log from a connection:

junior:/etc# mail -v donthomp@???
Subject: test
test
test
.
Cc:
LOG: 0 MAIN
<= root@??? U=root P=local S=322
Exim version 3.33 debug level 1 uid=8 gid=8
probably Berkeley DB version 1.8x (native mode)
delivering message 15l0SW-00014L-00
junior:/etc# Connecting to mysmarthost.smarthost.com [XXX.XXX.XXX.XXX.9671] ... connected
SMTP<< 220 mysmarthost.smarthost.com ESMTP Exim 3.21 #1 Sat, 22 Sep 2001
22:01:38 -0600
SMTP>> EHLO homebox.home

  SMTP<< 250-mysmarthost.smarthost.com Hello homebox.home [63.61.50.214]
         250-SIZE
         250-PIPELINING
         250-AUTH PLAIN LOGIN
         250-STARTTLS
         250 HELP

SMTP>> STARTTLS

SMTP<< 220 OpenSSL/0.9.6beta go ahead
Initialised TLS (OpenSSL/0.9.6beta)
Cipher: TLSv1:DES-CBC3-SHA:168
SMTP>> EHLO homebox.home

  SMTP<< 250-mysmarthost.smarthost.com Hello homebox.home [63.61.50.214]
         250-SIZE
         250-PIPELINING
         250-AUTH PLAIN LOGIN
         250 HELP

SMTP>> MAIL FROM:<root@???> SIZE=1356
SMTP>> RCPT TO:<donthomp@???>
SMTP>> DATA

SMTP<< 250 <root@???> is syntactically correct
SMTP<< 550 relaying to <donthomp@???> prohibited by administrator
SMTP<< 503 Valid RCPT TO <recipient> must precede DATA
SMTP>> QUIT

tls_close(): shutting down SSL
LOG: 0 MAIN
** donthomp@??? R=smarthost T=remote_smtp: SMTP error from remote
mailer after RCPT TO:<donthomp@???>: host mysmarthost.smarthost.com
[XXX.XXX.XXX.XXX]: 550 relaying to <donthomp@???> prohibited by
administrator
Exim version 3.33 debug level 1 uid=8 gid=8
probably Berkeley DB version 1.8x (native mode)
LOG: 0 MAIN
<= <> R=15l0SW-00014L-00 U=mail P=local S=1291
LOG: 5 MAIN
Error message sent to root@???
Exim version 3.33 debug level 1 uid=8 gid=8
probably Berkeley DB version 1.8x (native mode)
delivering message 15l0SY-00014N-00
LOG: 0 MAIN
Completed
LOG: 0 MAIN
=> dalphi <root@???> D=localuser T=local_delivery
LOG: 0 MAIN
Completed

It doesn't appear to me that the client is attempting to initiate any sort
of authentication. I've got authentication working on the server side with
netscape and outlook clients just fine, however its obviously not working
here. I may be wrong, but I'm assuming I should be seeing the client send
some sort of AUTH command in the above output, but I'm not seeing it.

Is there anyway to test my config file to identify if my client will
attempt authentication with a smarthost server?

Is there anything else in the above that I'm missing?

Before anyone asks, The 'port = 9671' is to get around an ISP that blocks
access to port 25 to anything but their own mail servers. On the server,
port 9671 is redirected to port 25 via an iptable rule.

-Don