I think there's a problem with your authenticators configuration.
At 1:32 -0800 2003/01/01, <dave@???> wrote:
[...]
>######################################################################
># AUTHENTICATION CONFIGURATION #
>######################################################################
>
># There are no authenticator specifications in this default configuration
>file.
>
>begin authenticators
>fixed_plain:
> driver = plaintext
> public_name = PLAIN
> server_condition = ${if crypteq{$3}
>{${extract{1}{:}{${lookup{$2}lsearch{/etc/relayers}{$value}}}}}{yes}{no}
> server_set_id = $2
the PLAIN you defined presumes that /etc/relayers is in the format:
username:password:...
where the password is encrypted. In MacOSX passwords are usually
stored in NetInfo, so I guess you must have done nidump passwd . >
/etc/relayers.
This is inconvenient as you must dump the passwd format every time
you add a user.
>fixed_cram:
> driver = cram_md5
> public_name= CRAM-MD5
> server_secret = ${lookup{$1}lsearch{/etc/relayers}{$value}{fail}}
> server_set_id = $1
CRAM-MD5 as far as I know expects the password in clear in the
server_secret, so here /etc/relayers is of the form:
username password
where the password is in clear.
>login:
> driver = plaintext
> public_name = LOGIN
> server_prompts = "Username:: : Password::"
> server_condition = ${if
>eq{$2}{${lookup{$1}lsearch{/etc/relayers}{$value}{no}}}{yes}{no}}
> server_set_id = $1
you have LOGIN defined in a way that is consistent with the CRAM-MD5 above.
Both CRAM-MD5 and LOGIN above are not very useful: there is no way
for a user to change password and passwords are stored in clear.
Since most email programs use the same username/password settings for
sending and checking email, you will have to find a way to have the
pop3 and imap4 server use those.
A solution would be to query netinfo directly instead of using
lsearch. I have written a netinfo lookup function that I use
regularly on my server. For two reasons I have not yet sent Philip
the source.
First, because I am not yet sure how to deal with the Apple open
source license as I have taken inspiration from their niutil code.
Second, because it does not work well with a custom lookupd
configuration, one that looks not only in NetInfo for users would
indeed be incompatible with a netinfo only lookup.
In a way the netinfo lookup might be more appropriate to store other
data like virtual domains/ aliases/ blacklisted users/domains etc. I
have still to add a create and delete functionality to make that
possible.
What I find strange is that exim has no built in getpwnam
functionality. Isn't that a feasable way to access passwords on any
Unix-like system or do PAM and other methods break it?
Finally you might be able to use PAM on MacOSX, all the files seem to
be there..
Giuliano
># End of Exim configuration file
>
>Any help is appreciated.
>
>Thanks in advance,
>
>Dave
--
H U M P H
|| |||
software
Java & C++ Server/Client/Human Interface applications on MacOS - MacOS X
http://www.humph.com/
