Re: [Exim] pwcheck OR saslauthd - how?

Top Page
Delete this message
Reply to this message
Author: Odhiambo G. Washington
Date:  
To: exim-users
CC: Odhiambo G. Washington
Subject: Re: [Exim] pwcheck OR saslauthd - how?
* Jez Hancock <jez.hancock@???> [20040224 18:29]: wrote:
> Hi Wash,
>
> On Tue, Feb 24, 2004 at 10:17:18AM +0300, Odhiambo G. Washington wrote:
> > I do run Exim-4.30 on FreeBSD and I was this morning looking for an
> > _easier_ (simple, non-complicated) way to achieve ASMTP with Exim.
> > In the process, I searched the archives and encountered some discussions
> > about pwcheck and saslauthd.
> > The thread
> > http://www.exim.org/pipermail/exim-users/Week-of-Mon-20030728/057310.html
> That thread iirc was pretty much the time when saslauthd was added
> officially to exim4 - I remember reading it when I moved to saslauthd
> from pwcheck.
>
> > Now, there are some howtos about doing this stuff with pwcheck and it
> > seems to work so easily, or at least that is the opinion I formed when I
> > went through one such howto. It was damn easy.
> >
> > Are there any detailed howtos on doing asmtp using saslauthd out there?
> The exim+asmtp+freebsd 'HOWTO' I wrote here:
>
> http://munk.nu/exim/exim-freebsd-asmtp.php
>
> was unfortunately outdated as soon as I'd written it - after I moved
> from using pwcheck to saslauthd I didn't think it was really necessary
> to write any additional stuff on saslauthd because it really is so
> simple to install/configure.


I was actually referring to your howto when I wrote that note ;-)
It still works though, yes? I tested it and it works! If you find some
time, please update it. It was very very useful!!

> Installing saslauthd from the ports does everything you need for a
> vanilla setup - ie no need to worry about user/groups or socket
> accessibility. All you need to do is start the saslauthd using the rc
> script in /usr/local/etc/rc.d (perhaps rename it to saslauthd.sh if it's
> not saved there already :P).


I have seen that. I actually would add WITH_SASLAUTHD=yes to the make
args for exim in pkgtools.conf (I learnt this from you ;)).


> Then all you need in exim for the most basic setup is:
>
> acl_check_rcpt:
>     # I put this near the top of the rcpt acl but it's up to you depending on
>     # how you do things obviously and how much you trust your users :P

>
>     accept  authenticated = *

>
> and then in the authenticators section:
>
> plain:
> driver = plaintext
> public_name = PLAIN
> server_condition = ${if saslauthd{{$2}{$3}}{1}{0}}
>
> login:
> driver = plaintext
> public_name = LOGIN
> server_prompts = "Username:: : Password::"
> server_condition = ${if saslauthd{{$1}{$2}}{1}{0}}
>
> which I believe I took from the thread you mentioned above originally -
> or from a thread from around that time at least.


Yes, I am going to test that tomorrow. Fortunately I have a box to test
these things for a few days..


> As I say this is just the most basic of setups which is enough for me.
> See Andreas'(?) post above for TLS.


I saw it. He actually sent it to me directly with a CC to the list.

What I am wondering is why pwcheck was deprecated in the first place.
It does work still, yes?

Thank you for rushing to my aid on this.

BTW, is there a way to make sure the php4 port installs PEAR when you
use portinstall, like an arg in pkgtools.conf to make sure it does this
all the time?



        cheers
       - wash
+----------------------------------+-----------------------------------------+
Odhiambo Washington                     . WANANCHI ONLINE LTD (Nairobi, KE)  |
<wash at wananchi dot com>              . 1ere Etage, Loita Hse, Loita St.,  |
GSM: (+254) 722 743 223                 . # 10286, 00100 NAIROBI             |
GSM: (+254) 733 744 121                 . (+254) 020 313 985 - 9             |
+---------------------------------+------------------------------------------+
"Oh My God! They killed init! You Bastards!"
                         --from a /. post