Re: [Exim] Exim SMTP Auth, version 4.10 and 4.12...

Top Page
Delete this message
Reply to this message
Author: David Bauman
Date:  
To: Nico Erfurth
CC: exim-users@exim.org
Subject: Re: [Exim] Exim SMTP Auth, version 4.10 and 4.12...
On Fri, 2003-02-28 at 12:30, Nico Erfurth wrote:
> On 28 Feb 2003, David Bauman wrote:
>
> > > Please check everything again with exim 4.12 (especially the configfile);)
> > >
> >
> > Very long day so far... Exim 4.10 was installed with the 4.12 daemon running...
> >
> > Sorry about that, here's a test with 4.12 re-merged...
> >
> > Same result, too...
>
> Strange, how does your acl_smtp_auth look like?


It works under 4.05, and 4.10...

check_recipient:
 deny    message = host is listed in $dnslist_domain
 dnslists =
blackholes.mail-abuse.org:dialups.mail-abuse.org:relays.mail-abuse.org:relays.orbs.org:rbl.maps.vix.com:dul.maps.vix.com:dnsbl.njabl.org:spamhaus.relays.osirusoft.com:inputs.relays.osirusoft.com
  deny    local_parts = ^.*[@%!/|]
          message = I've never seen @, %, !, /, or | in an e-mail.
Neither should you.
  accept  domains = +local_domains
  accept  hosts = +relay_hosts
  accept  authenticated = *
  deny    message = Relaying is not permitted.



> What is the setting of auth_advertise_hosts?


auth_advertise_hosts = !+relay_hosts

(When this line is commented out, it allows me to use the AUTH command
via the internet)

If I recall correctly, this line should be ok... it means it will only
not advertise AUTH to hosts not listed in it's relay file (which is for
a LAN only, where as I'm comming in via the internet). It should not be
affecting me...

> What happens if you run exim -bh 127.0.0.1 -d?

<<<<<<SNIP>>>>>
SMTP>> 250-rhyn.phaseburn.net Hello localhost [127.0.0.1]

250-SIZE 52428800
250-PIPELINING
250 HELP

> What happens if you run exim -bh problematic.ip.address -d?

<<<<<SNIP>>>>>
SMTP>> 250-rhyn.phaseburn.net Hello denial.phaseburn.net [66.101.18.41]

250-SIZE 52428800
250-PIPELINING
250-AUTH PLAIN LOGIN
250 HELP

> If you have a low-traffic server, please run exim with
> exim -d+all -bd and try to authenticate with a client.


1/3rd shared load of 10,000 users isn't a low-traffic server, I'm trying
to keep 4.10 up on this while I'm not testing it (5 minute outages here
and there - I can't do this right now)

> Can you place your config-file on some public webspace and post the URL
> here?


I need approval from my boss (MySQL database passwords are in it, even
stripping them out (which I plan to do, of course) requires an
approval)... I've submitted a request already...

> Nico
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##

--

-David Bauman
dbauman@???

"This is Linux Country. On a quiet night, you can hear Windows reboot..."

Network Security/Operations - Infostations
     888.216.0707 x 204 (Toll-Free)
     916.276.6667       (Cellular)
     916.630.7457       (Fax)