[Exim] Re: [Exim] Exim smtpauth + Courier authdaemon

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Sven Geggus
Datum:  
To: exim-users
Neue Treads: [Exim] (SUCCESS!)Exim?smtpauth?+?Courier?authdaemon
Betreff: [Exim] Re: [Exim] Exim smtpauth + Courier authdaemon
Miroslav Ris <miroslav@???> wrote:

>  login:
>    driver = plaintext
>    public_name = LOGIN
>    server_prompts = Username:: : Password::
>    server_condition = \
>      ${if eq {${readsocket{/var/authdaemon/socket}\
>      {AUTH 76\n${length_76:exim\nlogin\n$1\n$2\
>      \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\
>      \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\
>      \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n}}}}{FAIL\n} {no}{yes}}
>    server_set_id = $1

>
>  plain:
>    driver = plaintext
>    public_name = PLAIN
>    server_prompts = :
>    server_condition = \
>      ${if eq {${readsocket{/var/authdaemon/socket}\
>      {AUTH 76\n${length_76:exim\nlogin\n$2\n$3\
>      \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\
>      \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\
>      \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n}}}}{FAIL\n} {no}{yes}}
>    server_set_id = $2


While this works, the more elegant solution would be certaily this one:

driver = plaintext
    public_name = LOGIN
    server_advertise_condition = ${if eq{$tls_cipher}{}{no}{yes}}
    server_prompts = Username:: : Password::
    server_condition = \
        ${if eq {${readsocket{/wherever/your/courier/socket/is}\
        {AUTH ${strlen:exim\nlogin\n$1\n$2\n}\nexim\nlogin\n$1\n$2\n}}}\
        {FAIL\n} {no}{yes}}
    server_set_id = $1


plain:
  driver = plaintext
  public_name = PLAIN
  server_advertise_condition = ${if eq{$tls_cipher}{}{no}{yes}}
  server_condition = \
        ${if eq {${readsocket{/wherever/your/courier/socket/is}\
        {AUTH ${strlen:exim\nlogin\n$2\n$3\n}\nexim\nlogin\n$2\n$3\n}}}\
        {FAIL\n} {no}{yes}}
  server_set_id = $2


You will also have to make shure, that the socket is accessable by the Exim
User. The server_advertise_condition prevents unencrypted connections from
the use of the Authenticators.

Regards

Sven

--
"Those who do not understand Unix are condemned to reinvent it, poorly"
(Henry Spencer)

/me is giggls@ircnet, http://sven.gegg.us/ on the Web