Okay, progress. I had some problems with permissions on the
SSL cert and key which I've resolved, but now it appears that
the PAM authentication isn't quite right. Seems now I have
defined Exim to use Solaris PAM (this is Solaris 9 SPARC)
*but* there is no module. So...
1. Has anyone successfully managed to implement an exim PAM
module for Solaris? If so, where might I find the source
for this module. I definitely need it.
- OR -
2. Can the Linux Exim PAM module be re-purposed for Solaris?
Has anyone managed to get this to work?
I'd hate to think that I have to code this up, even though
if I have to I will (it just may take a while since I am not
a programmer).
Thanks to all, especially you Nico!
If memory serves, you said...
-> You can control that you will not ACCEPT unencrypted auth with this
-> simple acl.
->
-> acl_smtp_auth = check_auth
->
-> check_auth:
-> accept encrypted = *
-> deny message = You need to use TLS for authentication
->
->
-> In your authenticator-settings, you can use the
-> server_advertise_condition to control when a AUTH-method will be
-> advertised (so you can control that CRAM-MD5 goes over unencrypted
-> connections, but PLAIN/LOGIN only via encrypted connections)
->
-> server_advertise_condition = ${if eq{$tls_cipher}{}{no}{yes}}
->
-> you can also use auth_advertise_hosts.
->
-> auth_advertise_hosts = ${if eq{$tls_cipher}{}{}{*}}
->
-> Your choice. ;)
->
-> Nico
