Re: [Exim] Configuration of authentication

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Oliver Egginger
Date:  
À: Ludwig Meyerhoff
CC: exim-users
Sujet: Re: [Exim] Configuration of authentication
Hello,

I don't now if it is instrumental in your enviroment
but here is a different easy to do approach, which was often discussed
on the list in the last months:

-------------------------------------------------------> SNIP
login:
driver=plaintext
public_name=LOGIN
server_condition="${if pam{$1:$2}{true}{false}}"
server_prompts="Username:: : Password::"
server_set_id=$1
<------------------------------------------------------- SNIP

This will do a cleartext authentification on the basis of
PAM. We (my organisation) decide that in combination with TLS there is
now need for us to encipher the passwords separately within the (secure)
SMTP connexions.

Also PAM gives us the freedom to switch our prefered
authentification mechanism easily.

We use Exim 4.10 but the shown configuration lines should also
work for Exim 3.36.

- oliver


Am Sam, 2003-02-08 um 20.57 schrieb Ludwig Meyerhoff:
> Hallo!
>
> Actually I run Exim on a Debian system and wanted to properly configure
> Exim for relaying by authenticated hosts.
>
> While configuring the exim.conf it sound that easy! And I do not get it run!
>
> I looked the mailinglist archives but all the hints there did not help,
> raising the debuglevel results in the client not connecting at all while
> telnetting on port 25 trying a manual handshake results in a lot of
> debug messages while starting Exim and no debug message at all while
> running/IO.
>
>
>
> I actually got it work only by hardcoding the password fields (as shown
> below).
>
>
> This is part of the authentication section of the config.
>
>  plain:
>    driver = plaintext
>    public_name = PLAIN
> #   server_condition = "${if
> crypteq{$2}{${extract{1}{:}{${lookup{$1}lsearch{/etc/exim/passwd}{$value}{*:*}}}}}{1}{0}}"
>    server_condition = "${if
> crypteq{SECRETPASSWORD}{CRYPTEDSECRETPASSWORD}{1}{0}}"
>     server_set_id = $1

>
>
>
> The /etc/exim/passwd file looks like this:
> name_to_authenticate_as : crypted_password
>
>
> Where I crypt the password on a very basic way: perl -e 'print
> crypt("PASSWORD", "JK");'
> This crypted password works in hardcoded condition but not in "external
> condition", so I suppose the problem is either in the passwd-file or in
> the server-condition.
>
>
>
> Saluti!
>
> Ludwig
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>

--
Oliver Egginger
FH Giessen-Friedberg
DV-Zentrum
Wiesenstrasse 14
35390 Giessen
Tel. +49 641 309-1283
Fax +49 641 309-1288
Mail: Oliver.Egginger@???

************************************************************
Unsere aktuellen Sprechzeiten finden Sie hier:
http://www.fh-giessen.de/WEB_NADM/dvz/personen.shtml

Aktuelle Informationen zur zentralen DV an der FH Giessen
können Sie über den Informationsbrief des DV-Zentrums
beziehen.
Siehe:
https://mailserv.fh-giessen.de/mailman/listinfo/dvz-info
************************************************************