Re: [Exim] helo_verify and dialup users

Top Page
Delete this message
Reply to this message
Author: Frank S. Bernhardt
Date:  
To: bhoc
CC: exim-users
Subject: Re: [Exim] helo_verify and dialup users
What a coincidence. Just today I set up one of my customers to allow relaying through their server by their
roaming sales reps.

Here's what I did:

1) when compiling exim I specified:

        AUTH_PLAINTEXT= yes


2) in the runtime configure file I specified:

        host_auth_accept_relay = *


        fixed_plain:
        driver = plaintext
        public_name = PLAIN
        server_condition = ${if crypteq{$3}\
    {${extract{1}{:}{${lookup{$2}lsearch{/etc/shadow}($value}}}}}{yes}{no}}
    server_set_id = $2


3) In the mail client (Netscape works, Pegasis works using a LOGIN specification), specify a user name for
SMTP login

It works wonderfully (as does all of Exim).

The above code (more or less) is from Mr. Philip Hazel's excellent O'Reilly book "Exim, The Mail Transfer
Agent". I suggest you buy and read it. ;-)

bhoc@??? wrote:

> Hi,
>
> It turned out that exim is a rather friendly chap, even when it comes to
> be picky. It will positively verify HELO addresses by both forward and
> reverse lookups (to pick up the thread from some days ago), so the
> 'reverse lookup' is not really a problem with at least halfway properly
> configured MTAs.
>
> One problem, though: I demand that my colleagues abroad AUTHenticate
> themselves if they wish to use my exim as a relay (else relaying is
> forbidden, of course). If I activate the helo_verify option, they are
> rejected with a 550 error (HELO argument does not match calling host).
> I assume this is because the HELO verification is done first, then the
> AUTH is advertised, but that's too late then.
>
> I cannot ask my friends to first find out their dialup IP/Hostname, then
> set their mail software, and only then send their stuff. Sure, they could
> always use their ISP's MTA as a relay, but once they are in the office,
> the re-configuration starts again...
>
> Any way around that? (except skipping helo_verify, that is)
>
> -- Ben (bhoc at domain pentagroup in country ch)
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##


--

Regards

Frank S. Bernhardt
b.c.s.i.
14 Halton Court
Markham, ON.
L3P 6R3

905-471-1691 Voice
905-471-3016 FAX

frank@???