[Exim] SMTP AUTH problem in Config file

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Jason Ostrom
Date:  
À: exim-users
Sujet: [Exim] SMTP AUTH problem in Config file
I am trying to get SMTP Auth working properly, and I'm now tearing out
my hair with a problem that looks to be related to my configuration
file. I've read all of the exim-user archives, documentation, and I'm
humbled to say this is probably a really obvious problem that I just
can't see right now. Would appreciate any help.

I've compiled SMTP AUTH support, and have the basic setup for my
authenticators working so that I can telnet to localhost 25, and run
the AUTH tests. The problem is when I try to authenticate from other
hosts, I always get "550 relay not permitted".

To the best of my knowledge, the first step is that the server
announces a number of authentication mechanisms with EHLO. Well I
am not seeing this happen when I run in debug, so I think I have a
misconfiguration in my exim.conf for SMTP AUTH on incoming SMTP connections.

I have the following in my exim.conf:

hostlist host_auth_accept_relay = *

hostlist relay_hosts = 10.1.90.0/24

auth_advertise_hosts = *

This might be overkill, but I also setup an acl_smtp_auth:

check_auth:
    accept hosts = *
    accept hosts = host_auth_accept_relay
    accept encrypted = *
    accept condition = ${if eq{${uc:$smtp_command_argument}}\
                        {CRAM-MD5}{yes}{no}}
    deny   message   = TLS encryption or CRAM-MD5 required




Using two different mail clients (the Bat or OE, I get relay denied
and it looks like Exim is not even announcing the authentication mechanisms.

Can anyone help?

Here is the debug from one session:

Connection request from xx.xx.xx.xx port 58200
1 SMTP accept process running
Listening...
host in rfc1413_hosts? yes (matched "*")
doing ident callback
sender_fullhost = [xx.xx.xx.xx]
sender_rcvhost = [xx.xx.xx.xx]
Process 26168 is handling incoming connection from [xx.xx.xx.xx]
checking for IP options
no IP options found
host in host_lookup? no (option unset)
set_process_info: 26168 handling incoming connection from
[xx.xx.xx.xx]
host in host_reject_connection? no (option unset)
host in sender_unqualified_hosts? no (option unset)
host in recipient_unqualified_hosts? no (option unset)
host in helo_verify_hosts? no (option unset)
host in helo_try_verify_hosts? no (option unset)
host in helo_accept_junk_hosts? no (option unset)
LOG: smtp_connection MAIN
SMTP connection from [xx.xx.xx.xx] (TCP/IP connection count = 1)
SMTP>> 220 mail.domain.com ESMTP Exim 4.05 Tue, 18 Jun 2002 17:03:01 -0500

Process 26168 is ready for new message
smtp_setup_msg entered
SMTP<< XXXX STRIKER
LOG: smtp_syntax_error MAIN
SMTP syntax error in "XXXX STRIKER" H=[xx.xx.xx.xx] unrecognized command
SMTP>> 500 unrecognized command

SMTP<< HELO STRIKER
STRIKER in helo_lookup_domains? no (end of list)
sender_fullhost = (STRIKER) [xx.xx.xx.xx]
sender_rcvhost = [xx.xx.xx.xx] (helo=STRIKER)
set_process_info: 26168 handling incoming connection from (STRIKER)
[xx.xx.xx.xx]
SMTP>> 250 mail.domain.com Hello STRIKER [xx.xx.xx.xx]

SMTP<< MAIL FROM:<jostrom@???>
SMTP>> 250 OK

SMTP<< RCPT TO:<justiceguy@???>
active address justiceguy@???
local_part=justiceguy domain=pobox.com
using ACL "check_recipient"
processing "accept"
check hosts = :
host in ":"? no (end of list)
accept: condition test failed
processing "accept"
check domains = +local_domains
pobox.com in "mail.domain2.com:mail.domain2.net"? no (end of list)
pobox.com in "+local_domains"? no (end of list)
cached lookup data = NULL
accept: condition test failed
processing "accept"
check hosts = +relay_hosts
host in "10.1.90.0/24"? no (end of list)
host in "+relay_hosts"? no (end of list)
accept: condition test failed
processing "deny"
deny: condition test succeeded
SMTP>> 550 relay not permitted

LOG: MAIN REJECT
H=(STRIKER) [xx.xx.xx.xx] F=<jostrom@???> rejected RCPT <justiceguy@???>: relay not permitted
SMTP<< QUIT
SMTP>> 221 mail.domain.com closing connection

LOG: smtp_connection MAIN
SMTP connection from (STRIKER) [xx.xx.xx.xx] closed by QUIT
search_tidyup called
child 26168 ended: status=0x0
0 SMTP accept processes now running
Listening...