[Exim] authentication problem with client (webmail)

Top Page
Delete this message
Reply to this message
Author: volker
Date:  
To: exim-users
Subject: [Exim] authentication problem with client (webmail)
hi,

can anybody help me setting up my exim 4 with authentication...

i got it working, now i need authentication with netscape, never tested
with outlook, coming soon...

but, if i use my squirrelmail webmail interface, its still sending mail
over sendmail (symbolic link to exim-binary) without yuthentication,
...spammers do so too, and i can see in my logfiles that remote servers
talking to my host as it is an open relay.

how can i stop relaying and make authentication work with
squirrel-webmail?

i must be compatible to dial-up users, but i think i could verify the
senders_helo_name against the list of hosted domains in a database
(exim4 works fine with postgres 7.1)

so can anybody help me setting up my acl's or auths?

here is what my config says:
i added:

auth_advertise_hosts = *

to the main-section

and:
######ACL#######
begin acl

acl_check_rcpt:

  accept  hosts = :
  deny    local_parts   = ^.*[@%!/|]
  require condition = "${if and { \
                        {!eq{$sender_helo_name}{}} \
                        {!eq{$domain}{}} \
                        {eq{$sender_helo_name}{${lookup pgsql{SELECT
domain FROM domain WHERE domain='$sender_helo_name' limit
1}{$value}fail}}} \
                        } {yes}{no}}"


  accept  local_parts   = postmaster
          domains       = +local_domains
  require verify        = sender



  accept  domains       = +local_domains
          endpass
          message       = unknown user
          verify        = sender : recipient
   require condition = "${if and { \
                        {!eq{$sender_helo_name}{}} \
                        {!eq{$domain}{}} \
                        {eq{$sender_helo_name}{${lookup pgsql{SELECT
domain FROM domain WHERE domain='$sender_helo_name' limit
1}{$value}fail}}} \
                        } {yes}{no}}"




 accept  domains       = +relay_to_domains
 require condition = "${if and { \
                        {!eq{$sender_helo_name}{}} \
                        {!eq{$domain}{}} \
                        {eq{$sender_helo_name}{${lookup pgsql{SELECT
domain FROM domain WHERE domain='$sender_helo_name' limit
1}{$value}fail}}} \
                        } {yes}{no}}"
          message       = unrouteable address
          verify        = recipient : sender



accept authenticated = *

possible :((
  accept  hosts         = +relay_from_hosts
  deny    message       = relay not permitted






###authenticators
###works fine but not for webmail :((

db_plain_auth:
    driver = plaintext
    public_name = PLAIN
    client_send = \
        "^username^password"


   server_condition = "${if and { \
                        {!eq{$2}{}} \
                        {!eq{$3}{}} \
                        {eq{$3}{${lookup pgsql{SELECT passwd FROM
account WHERE account='$2' limit 1}{$value}fail}}} \
                        } {yes}{no}}"