Re: [Exim] relaying only for authenticated users

Top Page
Delete this message
Reply to this message
Author: Andreas Metzler
Date:  
To: exim-users
Subject: Re: [Exim] relaying only for authenticated users
On Tue, Oct 14, 2003 at 12:46:19PM -0500, Rob Ristroph wrote:
> I am using exim 4.22 on Debian testing. I have outgoing and
> incoming mail set up, with some virtual domains.
>
> I would like to allow remote users, from anywhere on the
> internet, to send their outgoing mail through my server, but
> only if they can authenticate themselves in some way. I don't
> have many users who will be doing this, so managing a single
> file with htpasswd or simply usernames and plaintext passwords
> is fine.
>
> Is there an example config file I can work from ?
>
> Let me give some background on what I've tried so far:
>
> -- I noticed the authenticators section in the configuration
>    that came with debian, and so I make a
>    "*:username:cryptedpass" entry in
>    /etc/exim4/passwd.clients, but in testing exim refused to
>    relay from outside my network and when I type something
>    like "AUTH PLAIN" into a test smtp session ( started using
>    the command "exim4 -d -bh 1.2.3.4" ) it says "503 AUTH
>    command used when not advertised"


passwd.client is for exim acting as side SMTP _client_.
[...]
> I can post my config file if necessary, but what I'd really
> like is some link to a config file that is pretty close to
> what I want to do, and then I can work from it.

[...]

Generate /etc/exim4/passwd
# The examples below are for server side authentication; they allow two
# styles of plain-text authentication against an CONFDIR/passwd file
# which should have user IDs in the first column and crypted passwords
# in the second. The columns need to be separated by ':'. For CRAM-MD5
# exim needs access to the UNENCRYPTED passwd - the example below assumes
# it is avalable in the third column of CONFDIR/passwd

and activate the _server_ side authenticators in
/etc/exim4/conf.d/auth/30_exim4-config_examples you want to use
by removing the hash-mark '#' in front of the respective lines.

Done.
          cu andreas