On Tue, 2004-07-27 at 07:46, Nathan Ollerenshaw wrote:
> On Jul 27, 2004, at 1:04 AM, Ron McKeating wrote:
>
> > If you want to use authenticated smtp and you want to use the plain or
> > login authenticators, what is the best way of using /etc/shadow. I
> > understand it is possible to create a group, put user exim in the group
> > and give the group rights over /etc/shadow. Are there any other better
> > ways of doing it ?
>
> If you're using a reasonably modern operating system that has pam, you
> can use it do the same thing. Exim's spec.pdf, page 111 (numbered 99 in
> the pdf), or
> http://www.exim.org/exim-html-4.40/doc/html/spec_11.html#IX936:
>
> "
> For example, the configuration of a LOGIN authenticator might contain
> this setting:
>
> server_condition = ${if pam{$1:${sg{$2}{:}{::}}}{yes}{no}}
>
> For a PLAIN authenticator you could use:
>
> server_condition = ${if pam{$2:${sg{$3}{:}{::}}}{yes}{no}}
> "
>
> I've not tried it, but generally the documentation is right :)
>
> Nathan.
I have tried this and it does not work. I am using fedora core 2 and the
latest exim. I am unclear as to how exim pam and /etc/shadow interact.
Basically is it possible to get exim to use pam to authenticate users
against the /etc/shadow file.
Ron
--
Ron McKeating
Senior IT Services Specialist
Internet Services and Software Solutions
Loughborough University
01509 222329