[Exim] Error setting up Exim with TLS (SSL)

Top Page
Delete this message
Reply to this message
Author: Eddie Parker
Date:  
To: exim-users
Subject: [Exim] Error setting up Exim with TLS (SSL)
Hello!

I'm sorry to pester the group, but I've been hacking at this for a couple
days now, and I'm thoroughly lost/confused.

I'm tryin to set it up so that users can use my my debian box to SMTP off
of, but I want to do it with SSL encryption and authorization on. I want
to deny all other types of relaying, unless they're auth'ed and
encrypted.. (That's kosher, right? Advice is welcome. :))

Except I keep getting an error from any of my clients connecting saying
"Error: Not Authorized". I keep submitting my username and password, and I
can't see anything.

All I get in the exim log dir is an entry in the rejectlog:
2004-06-18 17:02:24 rejected MAIL from ([192.168.1.101]) [192.168.1.1]:
not authenticated

I'm using Debian, 2.4.26 kernel. exim-tls debian package, 3.35-3woody2.

I hope noone minds, but here's the contents of my exim.conf,
comment-stripped...

Any advice would be *most* welcome!

Thanks!

-e-



qualify_domain = kickingdragon.com

local_domains = localhost:khaz.homeip.net:zeus:kickingdragon.com

local_domains_include_host = true
local_domains_include_host_literals = true

never_users = root

host_accept_relay =

tls_certificate = /etc/exim/exim.cert
tls_privatekey = /etc/exim/exim.key

tls_advertise_hosts = *

auth_hosts = *
auth_over_tls_hosts = *
host_auth_accept_relay = +warn_unknown:*

trusted_users = mail

smtp_verify = true

gecos_pattern = ^([^,:]*)
gecos_name = $1

smtp_accept_queue_per_connection = 100

freeze_tell_mailmaster = true

received_header_text = "Received: \
         ${if def:sender_rcvhost {from ${sender_rcvhost}\n\t}\
         {${if def:sender_ident {from ${sender_ident} }}\
         ${if def:sender_helo_name {(helo=${sender_helo_name})\n\t}}}}\
         by ${primary_hostname} \
         ${if def:received_protocol {with ${received_protocol}}} \
         (Exim ${version_number}          id ${message_id}\
         ${if def:received_for {\n\tfor <$received_for>}}"


receiver_try_verify = true


local_delivery:
driver = appendfile
group = mail
mode = 0660
mode_fail_narrower = false
envelope_to_add = true
return_path_add = true
file = /var/spool/mail/${local_part}

address_pipe:
driver = pipe
path = /usr/bin:/bin:/usr/local/bin
return_output

address_file:
driver = appendfile
envelope_to_add = true
return_path_add = true

address_directory:
driver = appendfile
no_from_hack
prefix = ""
suffix = ""

address_reply:
driver = autoreply

procmail_pipe:
driver = pipe
command = "/usr/bin/procmail"
return_path_add
delivery_date_add
envelope_to_add
suffix = ""

remote_smtp:
driver = smtp


real_local:
prefix = real-
driver = localuser
transport = local_delivery

system_aliases:
driver = aliasfile
file_transport = address_file
pipe_transport = address_pipe
file = /etc/aliases
search_type = lsearch

userforward:
driver = forwardfile
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply
no_verify
check_ancestor
check_local_user
file = .forward
modemask = 002
filter

procmail:
driver = localuser
transport = procmail_pipe
require_files =
${local_part}:+${home}:+${home}/.procmailrc:+/usr/bin/procmail
no_verify


localuser:
driver = localuser
transport = local_delivery


lookuphost:
driver = lookuphost
transport = remote_smtp

literal:
driver = ipliteral
transport = remote_smtp


*                      *           F,2h,15m; G,16h,2h,1.5; F,4d,8h



*@kickingdragon.com    ${lookup{$1}lsearch{/etc/email-addresses}\
                        ($value)fail) frFs
*@khaz.homeip.net    ${lookup{$1}lsearch{/etc/email-addresses}\
                        {$value}fail} frFs



fixed_plain:
    driver = plaintext
    public_name = PLAIN
    server_mail_auth_condition = ${if and
{{eq{$2}{user}}{eq{$3}{password}}}{yes}{no}}
    server_set_id = $2