Re: [Exim] Exim auth - problem - part 2

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: SWS
Dátum:  
Címzett: exim-users
Régi témák: Re: [Exim] Exim auth - problem
Tárgy: Re: [Exim] Exim auth - problem - part 2

On Wed, 28 Nov 2001 Sharun@??? wrote:

> First, try to set big debug level (10), and see all of internal
> checks. This works great for me while i'm tryin' to set not trivial
> SMTP failure responses.
> If you on a production server you can test configuration on another
> port, runnin' exim with different conf.file, while production version
> works on 25.

Hi !

Thank you for your suggestion. My post is very long, I'am sorry.
OK. I set debug level 10.

In my system password is in /etc/shadow file, but I don't use md5

My Netscape session:
--------------------

1 SMTP accept process running
SMTP<< EHLO cms.pam.szczecin.pl
sender_fullhost = sec.pam.szczecin.pl (cms.pam.szczecin.pl) [212.14.5.140]
sender_rcvhost = sec.pam.szczecin.pl ([212.14.5.140]
helo=cms.pam.szczecin.pl)
set_process_info: 1839 handling incoming connection from
sec.pam.szczecin.pl (cms.pam.szczecin.pl) [212.14.5.140]
Actual local interface address is 127.0.0.1 (lo0)
Actual local interface address is 212.14.5.152 (hme0)
local host found for non-MX address
localhost 127.0.0.1 mx=-1
host in host_accept_relay? no (end of list)
host in host_auth_accept_relay? yes (*)
host in tls_advertise_hosts? no (option unset)
SMTP>> 250-cms.pam.szczecin.pl Hello sec.pam.szczecin.pl [212.14.5.140]

250-SIZE
250-PIPELINING
250-AUTH PLAIN LOGIN
250 HELP
child 1838 ended: status=0x0
0 queue-runner processes now running
listening on port 25...
SMTP<< AUTH PLAIN AHRlc3R1c2VyAHF3ZXJ0eTEy
search_open: lsearch "/etc/shadow"
search_find: file="/etc/shadow"
  key="testuser" partial=-1
LRU list:
  7/etc/shadow
  End
internal_search_find: file="/etc/shadow"
  type=lsearch key="testuser"
file lookup required for testuser
  in /etc/shadow
lookup yielded: TRBwLA8WWjWUo:11654::::::        # ???
plain authenticator:
  $1 = 
  $2 = testuser
  $3 = qwerty12                                  # my password
expanded string: 0

SMTP>> 535 Incorrect authentication data

LOG: 0 MAIN REJECT
Authentication failed for sec.pam.szczecin.pl (cms.pam.szczecin.pl)
[212.14.5.140]: 535 Incorrect authentication data

and part of my exim.conf
> plain:
>   driver = plaintext 
>   public_name = PLAIN
>   server_condition = "${if and {{!eq{$2}{}}{!eq{$3}{}}{crypteq{$3}\  
>                    {${extract{2}{:}{${lookup{$2}lsearch{/etc/shadow}\
>                    {$value}{*:*}}}}}}}{1}{0}}"
>   server_set_id = $2


and my Outlook session:
-----------------------

Exim version 3.33 debug level 10 uid=0 gid=1
probably ndbm
Actual local interface address is 127.0.0.1 (lo0)
Actual local interface address is 212.14.5.152 (hme0)
Caller is an admin user
Caller is a trusted user
originator: uid=0 gid=1 login=root name=Super-User
port = 25
listening on all interfaces (IPv4)
pid written to /var/run/exim.pid
LOG: 0 MAIN
exim 3.33 daemon started: pid=1895, -q30m, listening for SMTP on port 25
set_process_info: 1895 daemon: -q30m, listening on port 25
daemon running with uid=0 gid=1 euid=0 egid=1
SIGALRM received
Starting queue-runner: pid 1896
LOG: 0 MAIN
Start queue run: pid=1896
queue running main directory
LOG: 0 MAIN
End queue run: pid=1896
1 queue-runner process running
listening on port 25...
Connection request from 212.14.5.140/1090
interface address = 212.14.5.152
host in rfc1413_hosts? yes (*)
ident callback failed
sender_fullhost = [212.14.5.140]
sender_rcvhost = [212.14.5.140]
Process 1897 is handling incoming connection from [212.14.5.140]
checking for IP options
no IP options found
host in host_lookup? yes (*)
looking up host name for 212.14.5.140
IP address lookup yielded sec.pam.szczecin.pl
Alias sec
sender_fullhost = sec.pam.szczecin.pl [212.14.5.140]
sender_rcvhost = sec.pam.szczecin.pl ([212.14.5.140])
set_process_info: 1897 handling incoming connection from
sec.pam.szczecin.pl [212.14.5.140]
host in host_reject? no (option unset)
host in host_reject_recipients? no (option unset)
host in auth_hosts? no (option unset)
host in auth_over_tls_hosts? no (option unset)
host in tls_hosts? no (option unset)
host in sender_unqualified_hosts? no (option unset)
host in receiver_unqualified_hosts? no (option unset)
host in helo_verify? no (option unset)
host in helo_accept_junk_hosts? no (option unset)
SMTP>> 220 cms.pam.szczecin.pl ESMTP Exim 3.33 #1 Wed, 28 Nov 2001

15:30:37 +0100
set_process_info: 1897 handling incoming connection from
sec.pam.szczecin.pl [212.14.5.140]
ready for new message
smtp_setup_msg entered
1 SMTP accept process running
child 1896 ended: status=0x0
0 queue-runner processes now running
listening on port 25...
SMTP<< HELO sec
sender_fullhost = sec.pam.szczecin.pl (sec) [212.14.5.140]
sender_rcvhost = sec.pam.szczecin.pl ([212.14.5.140] helo=sec)
set_process_info: 1897 handling incoming connection from
sec.pam.szczecin.pl (sec) [212.14.5.140]
SMTP>> 250 cms.pam.szczecin.pl Hello sec.pam.szczecin.pl [212.14.5.140]

SMTP<< RSET
SMTP>> 250 Reset OK

SMTP<< RSET
SMTP>> 250 Reset OK

SMTP<< MAIL FROM: <testuser@???>
testuser@??? in sender_reject? no (option unset)
testuser@??? in sender_reject_recipients? no (option
unset)
SMTP>> 250 <testuser@???> is syntactically correct

SMTP<< RCPT TO: <swspam@???>
dedal.man.szczecin.pl in local_domains? no (end of list)
dedal.man.szczecin.pl in relay_domains? no (end of list)
Actual local interface address is 127.0.0.1 (lo0)
Actual local interface address is 212.14.5.152 (hme0)
local host found for non-MX address
localhost 127.0.0.1 mx=-1
host in host_accept_relay? no (end of list)
SMTP>> 550 relaying to <swspam@???> prohibited by

administrator
LOG: 1 MAIN REJECT
refused relay (host) to <swspam@???> from
<testuser@???> H=sec.pam.szczecin.pl (sec) [212.14.5.140]
SMTP<< QUIT
SMTP>> 221 cms.pam.szczecin.pl closing connection

search_tidyup called
child 1897 ended: status=0x0
0 SMTP accept processes now running
listening on port 25...

and part of my exim.conf

> login:
>   driver = plaintext 
>   public_name = LOGIN
>   server_prompts = "Username:: : Password::"
>   server_condition = "${if and {{!eq{$1}{}}{!eq{$2}{}}{crypteq{$2}\  
>                    {${extract{2}{:}{${lookup{$1}lsearch{/etc/shadow}\
>                    {$value}{*:*}}}}}}}{1}{0}}"
>   server_set_id = $1


auth is exclude. Why ?

Slawek