Re: [exim] Mysql smtp Auth

Top Page
Delete this message
Reply to this message
Author: Peter Bowyer
Date:  
To: Exim-Users@Exim. Org
Subject: Re: [exim] Mysql smtp Auth
Doug Block <lists@???> wrote:
> I currently run a smarthost with Exim 4.34 with Exiscan,sa-exim and
> spamassassin-3.0.0rc1 with clamd and then the main server running exim
> 4.33 clamd exiscan with courier IMAP (current version).
>
> I would like to turn on SMTP auth but since I have a smart host this
> makes things kinda messy. I have found several example for mysql and
> exim but none that cover this nor any that could be hacked in to doing
> this. I have a large aliases/mail group list that also makes things
> fun but a lot of the example I have found also include storing your
> ACL in mysql or your spam scores with I don't need. I would like to
> get exim to share account across both of these servers using mysql as
> I don't have a clue in LDAP.


Here's a working MySQL authentication section (note this doesn't use TLS or
any other transport security - caveat implementor). The users login with
their full email address. Passwords are held crypted. The MySQL table is
used for other things apart from authentication, looks like this:

mysql> describe passwd;
+----------+------------------+------+-----+---------+----------------+
| Field    | Type             | Null | Key | Default | Extra          |

+----------+------------------+------+-----+---------+----------------+
| id       | int(11)          |      | PRI | NULL    | auto_increment |
| address  | varchar(128)     |      | UNI |         |                |
| crypt    | varchar(128)     |      |     |         |                |
| clear    | varchar(128)     |      |     |         |                |
| name     | varchar(128)     |      |     |         |                |
| uid      | int(10) unsigned |      |     | 65534   |                |
| gid      | int(10) unsigned |      |     | 65534   |                |
| home     | varchar(255)     |      |     |         |                |
| maildir  | varchar(255)     |      |     |         |                |
| quota    | varchar(255)     |      |     |         |                |
| domid    | int(11)          | YES  |     | NULL    |                |
| blockout | varchar(5)       | YES  |     | NULL    |                |

+----------+------------------+------+-----+---------+----------------+


begin authenticators

plain:
  driver = plaintext
  public_name = PLAIN
  server_condition = ${if and { \
                        {!eq{$2}{}} \
                        {!eq{$3}{}} \
                        {crypteq{$3}{${lookup mysql{SELECT crypt FROM passwd
WHERE address='$2'}{$value}fail}}} \
                        } {yes}{no}}
  server_set_id = $2


# login authenticator - here $1 is the userid and $2 is the password.
otherwise all else is
# the same as above


login:
  driver = plaintext
  public_name = LOGIN
  server_prompts = "Username:: : Password::"
  server_condition = ${if and { \
                        {!eq{$1}{}} \
                        {!eq{$2}{}} \
                        {crypteq{$2}{${lookup mysql{SELECT crypt FROM passwd
WHERE address='$1'}{$value}fail}}} \
                        } {yes}{no}}
  server_set_id = $1




Hope this helps....

Peter