Re: [Exim] Authenticated smtp

Góra strony
Delete this message
Reply to this message
Autor: Ron McKeating
Data:  
Dla: Phil Jordan
CC: Exim-Users (E-mail)
Temat: Re: [Exim] Authenticated smtp
On Thu, 2004-07-29 at 01:20, Phil Jordan wrote:
> I've run tests (exim -d+expand -be) with exim both as root and as exim.
>
> (I'm running RH9 with PAM 0.75. I created a pam.d/exim file by hand
> modelled after the one used for IMAP on my system.)
>
> The test run as root succeeds, validating my authenticator code.
>
> The test run as exim fails.
>
> Before I give up on PAM and start looking at other options, can I double
> check if there's anything special I should be doing for my PAM config
> (pam.d/exim) please? According to the Exim docs PAM 0.72 and up should
> support checking from a non-root account so I had expected using PAM to
> work.
>


After input from Nathan and a few others I decided to try using it out
of the box on my FC2 box. It works fine. no problems, this is my exim
file in /etc/pam.d/

#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      /lib/security/$ISA/pam_env.so
auth        required      /lib/security/$ISA/pam_warn.so
auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok
auth        required      /lib/security/$ISA/pam_deny.so


account     required      /lib/security/$ISA/pam_unix.so


password    required      /lib/security/$ISA/pam_cracklib.so retry=3
type=
password    sufficient    /lib/security/$ISA/pam_unix.so nullok
use_authtok md5shadow
password    required      /lib/security/$ISA/pam_deny.so


session     required      /lib/security/$ISA/pam_limits.so
session     required      /lib/security/$ISA/pam_unix.so


And this is the plain authenticator I use.

plain:
driver=plaintext
public_name=PLAIN
server_prompts=:
server_condition=${if pam{$2:${sg{$3}{:}{::}}}{yes}{no}}
server_set_id = $2

All works out of the box on FC2

Ron
> Thanks
>
> Phil Jordan
>
> On Wed Jul 28, 2004 at 2:26 am, Nathan Ollerenshaw wrote
>
> >On Jul 27, 2004, at 7:45 PM, Anand Buddhdev wrote:
>
> >> If Exim is not running as root, then, when using PAM, it is not able to
> >> read /etc/shadow, and so it cannot authenticate users. One work-around
> >> is to run exim as root, but that's a very bad idea. I prefer not to use
> >> PAM at all. There are other solutions to get SMTP authentication to
> >> work.
>
> >I just tested it under FC2 as a normal user.
> >
> >No problems using PAM here :)
> >
> >Nathan.
> >
> >--
> >Nathan Ollerenshaw - Unix Systems Engineer
> >ValueCommerce - http://www.valuecommerce.ne.jp/
>
>
>
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##

--
Ron McKeating
Senior IT Services Specialist
Internet Services and Software Solutions
Loughborough University
01509 222329