Re: [Exim] SQL-based SMTP AUTH.

Author: Eric Renfro
Date:
To: exim-users
Subject: Re: [Exim] SQL-based SMTP AUTH.

On Wednesday 23 October 2002 11:36 am, Matt Bernstein wrote:
> At 10:49 -0500 Eric Renfro wrote:
> >I'm trying to switch from using LDAP-based user SMTP AUTH, to PgSQL-based
> >lookup AUTH.
> >
> >My current authenticators are like:
>
> begin authenticators
>
> cram_md5:
> driver = cram_md5
> public_name = CRAM-MD5
> server_secret = ${lookup pgsql{select password from member where
> username='$1'}{$value}fail} server_set_id = $1

Oct 23 13:14:48 ginseng.myrddincd.com oidentd[12400]: [myrddincd.com]
Successful lookup: 49811 , 25 : psi-jack (psi-jack)
Oct 23 13:14:49 ginseng.myrddincd.com exim[12399]: 2002-10-23 13:14:49
184Q1p-0003Dz-00 <= erenfro@??? H=myrddincd.com
(ginseng.myrddincd.com) [192.168.1.10] U=psi-jack P=asmtp X=TLSv1:RC4-MD5:128
A=dbmail_cram:erenfro S=818 id=200210231313.09456.erenfro@???
Oct 23 13:14:50 ginseng.myrddincd.com exim[12406]: 2002-10-23 13:14:50
184Q1p-0003E6-00 exiscan: mail already scanned (previous ID was
184Q1p-0003Dz-00)
Oct 23 13:14:50 ginseng.myrddincd.com exim[12406]: 2002-10-23 13:14:50
184Q1p-0003E6-00 <= erenfro@??? U=mail P=spam-scanned S=1196
id=200210231313.09456.erenfro@???
Oct 23 13:14:50 ginseng.myrddincd.com dbmail/smtp[12422]: insert_messages():
message id=3791, size=1316 is inserted
Oct 23 13:14:50 ginseng.myrddincd.com exim[12418]: 2002-10-23 13:14:50
184Q1p-0003E6-00 => psi-jack <psi-jack@???> R=dbmail_user
T=dbmail_delivery
Oct 23 13:14:50 ginseng.myrddincd.com exim[12418]: 2002-10-23 13:14:50
184Q1p-0003E6-00 Completed
Oct 23 13:14:50 ginseng.myrddincd.com exim[12402]: 2002-10-23 13:14:50
184Q1p-0003Dz-00 => psi-jack <psi-jack@???> R=spamcheck_router
T=spamcheck
Oct 23 13:14:50 ginseng.myrddincd.com exim[12402]: 2002-10-23 13:14:50
184Q1p-0003Dz-00 Completed

First time works.

Oct 23 13:15:15 ginseng.myrddincd.com oidentd[12459]: Connection from
myrddincd.com (192.168.1.10):0
Oct 23 13:15:15 ginseng.myrddincd.com oidentd[12459]: [myrddincd.com]
Successful lookup: 49837 , 25 : psi-jack (psi-jack)
Oct 23 13:15:15 ginseng.myrddincd.com exim[12458]: 2002-10-23 13:15:15
Authentication failed for myrddincd.com (ginseng.myrddincd.com)
[192.168.1.10] (psi-jack): 535 Incorrect authentication data (set_id=erenfro)
Oct 23 13:15:15 ginseng.myrddincd.com exim[12458]: 2002-10-23 13:15:15
Authentication failed for myrddincd.com (ginseng.myrddincd.com)
[192.168.1.10] (psi-jack): 535 Incorrect authentication data (set_id=erenfro)

Second time fails.

That's the one problem I keep having with the cram authenticator. I've got
LOGIN and PLAIN working fine, after working at it a while.

But CRAM-MD5 seems to be very picky. My original query was as follows:

dbmail_cram:
  driver = cram_md5
  public_name = CRAM-MD5
  server_secret = \
    ${if eq{$1}
      {${lookup pgsql \
          {SELECT userid FROM users WHERE userid = '${quote_pgsql:$1}'} \
      }}
      {${lookup pgsql \
          {SELECT passwd FROM users WHERE userid = '${quote_pgsql:$1}'} \
      }}
    fail}
  server_set_id = $1

And, that worked, only for the first time, for the first user that authed.

Once I saw this reply, I tried out your method, and it's doing the very exact
same thing. Succeeding once, and failing any further time.

--
Eric Renfro
Myrddin Computers & Designs - CEO/President
Sales: sales@???
Fax: (775) 243-4535

This message is part of the following thread:
	the complete thread tree sorted by date
	Matt Bernstein at
	Eric Renfro at