Re: [Exim] exim 4.34, smtp-auth and pam

Top Page
Delete this message
Reply to this message
Author: Anand Buddhdev
Date:  
To: Richard
CC: exim-users
Subject: Re: [Exim] exim 4.34, smtp-auth and pam
On Fri, May 21, 2004 at 01:56:33PM +0100, Richard wrote:

> Hi,
>
> been trying to solve this for a few days now,
>
> if I have exim_user=root in exim.conf then this happens:
>
> 2004-05-21 13:41:44 1BR9LJ-0006ml-MF <= kirth@???
> H=eclipse.noc.demon.net (thus011087) [195.173.56.213] P=asmtp A=login:kirth
> S=1302 id=001801c43f30$e6a88380$d538adc3@thus011087
> 2004-05-21 13:41:44 1BR9LJ-0006ml-MF User 0 set for remote_smtp transport is
> on the fixed_never_users list
>
>
> if i have exim running as mail (as I'd prefare) I get this:
>
> 2004-05-21 13:41:13 login authenticator failed for eclipse.noc.demon.net
> (thus011087) [195.173.56.213]: 535 Incorrect authentication data
> (set_id=kirth)
>
> This is the auth part of exim.conf
>
> plain:
> driver = plaintext
> public_name = PLAIN
> server_condition = "${if pam{$2:$3}{1}{0}}"
> server_set_id = $2
>
> login:
> driver = plaintext
> public_name = LOGIN
> server_prompts = "Username:: : Password::"
> server_condition = "${if pam{$1:$2}{1}{0}}"
> server_set_id = $1
>
>
> Also tried setting FIXED_NEVER_USERS=root to FIXED_NEVER_USERS=
> however, exim still lists root when i do exim -bV.


There's a compile-time option called FIXED_NEVER_USERS, which by
default lists root, and so you cannot override that setting in the
config file. One option is to recompile exim and remove root from the
FIXED_NEVER_USERS setting, but I would not recommend that.

I'd recommend that you run something like saslauthd, which runs as
root, and can query PAM, and configure your exim to use SASL.

--
Anand Buddhdev
Celtel International