Re: [Exim] pwcheck OR saslauthd - how?

Góra strony
Delete this message
Reply to this message
Autor: Jez Hancock
Data:  
Dla: Odhiambo G. Washington, exim-users
Temat: Re: [Exim] pwcheck OR saslauthd - how?
Hi Wash,

On Tue, Feb 24, 2004 at 10:17:18AM +0300, Odhiambo G. Washington wrote:
> I do run Exim-4.30 on FreeBSD and I was this morning looking for an
> _easier_ (simple, non-complicated) way to achieve ASMTP with Exim.
> In the process, I searched the archives and encountered some discussions
> about pwcheck and saslauthd.
> The thread
> http://www.exim.org/pipermail/exim-users/Week-of-Mon-20030728/057310.html

That thread iirc was pretty much the time when saslauthd was added
officially to exim4 - I remember reading it when I moved to saslauthd
from pwcheck.

> Now, there are some howtos about doing this stuff with pwcheck and it
> seems to work so easily, or at least that is the opinion I formed when I
> went through one such howto. It was damn easy.
>
> Are there any detailed howtos on doing asmtp using saslauthd out there?

The exim+asmtp+freebsd 'HOWTO' I wrote here:

http://munk.nu/exim/exim-freebsd-asmtp.php

was unfortunately outdated as soon as I'd written it - after I moved
from using pwcheck to saslauthd I didn't think it was really necessary
to write any additional stuff on saslauthd because it really is so
simple to install/configure.

Installing saslauthd from the ports does everything you need for a
vanilla setup - ie no need to worry about user/groups or socket
accessibility. All you need to do is start the saslauthd using the rc
script in /usr/local/etc/rc.d (perhaps rename it to saslauthd.sh if it's
not saved there already :P).

Then all you need in exim for the most basic setup is:

acl_check_rcpt:
    # I put this near the top of the rcpt acl but it's up to you depending on
    # how you do things obviously and how much you trust your users :P


    accept  authenticated = *


and then in the authenticators section:

plain:
driver = plaintext
public_name = PLAIN
server_condition = ${if saslauthd{{$2}{$3}}{1}{0}}

login:
driver = plaintext
public_name = LOGIN
server_prompts = "Username:: : Password::"
server_condition = ${if saslauthd{{$1}{$2}}{1}{0}}

which I believe I took from the thread you mentioned above originally -
or from a thread from around that time at least.

As I say this is just the most basic of setups which is enough for me.
See Andreas'(?) post above for TLS.

HTH

--
Jez Hancock
- System Administrator / PHP Developer

http://munk.nu/
http://jez.hancock-family.com/  - Another FreeBSD Diary
http://ipfwstats.sf.net/        - ipfw peruser traffic logging