At 21:52 +0100 2002/12/12, Jonas Jacobsson wrote:
>Hi,
>
>How should I configure Exim if I want to be able to relay mail
>for authenticated users? How should the authentication block lock like?
>
>I don't understand how it works. I've tried to read the docs, but
>it doesn't help me much.
>
>I'm trying to send mail from Mozilla via Exim SMTP server.
You should put this somewhere in your conf (for instance just
before the acl section):
tls_advertise_hosts = *
tls_certificate = /path/to/your/cert.pem
(this contains both server cert and key)
You can find the instructions to generate this either somewhere on
the eudora site (for qpopper) and even in the mod_ssl docs, I think.
Early in the rcpt acl add:
accept authenticated = *
and add the authentication configuration at the end of the conf file:
begin authenticators
plain:
driver = plaintext
public_name = PLAIN
server_condition = "${if and {{!eq{$2}{}}{!eq{$3}{}} \
{crypteq{$3}{${extract{1}{:} \
{${lookup{$2}lsearch{/etc/passwd}{$value}{*:*}}}}}}}{1}{0}}"
server_set_id = $2
[btw, why is this condition in double quotes?]
you need /etc/passwd to contain the passwords (!), on many systems
this is actually /etc/master.passwd, but it is not readable by exim.
So make a copy in a safe place and chown it so that it is readable.
I do not know how Mozilla behaves, Eudora had my root certificate
installed when I checked mail (secure pop). Or at least I think it
went that way.
You could probably even install the certificate in the browser using
a cgi on a web server. Look for loadCAcert.pl on the web.
I hope this helps.
Giuliano
--
H U M P H
|| |||
software
Java & C++ Server/Client/Human Interface applications on MacOS - MacOS X
http://www.humph.com/
