Doug Block <lists@???> wrote:
> I currently run a smarthost with Exim 4.34 with Exiscan,sa-exim and
> spamassassin-3.0.0rc1 with clamd and then the main server running exim
> 4.33 clamd exiscan with courier IMAP (current version).
>
> I would like to turn on SMTP auth but since I have a smart host this
> makes things kinda messy. I have found several example for mysql and
> exim but none that cover this nor any that could be hacked in to doing
> this. I have a large aliases/mail group list that also makes things
> fun but a lot of the example I have found also include storing your
> ACL in mysql or your spam scores with I don't need. I would like to
> get exim to share account across both of these servers using mysql as
> I don't have a clue in LDAP.
Here's a working MySQL authentication section (note this doesn't use TLS or
any other transport security - caveat implementor). The users login with
their full email address. Passwords are held crypted. The MySQL table is
used for other things apart from authentication, looks like this:
mysql> describe passwd;
+----------+------------------+------+-----+---------+----------------+
| Field | Type | Null | Key | Default | Extra |
+----------+------------------+------+-----+---------+----------------+
| id | int(11) | | PRI | NULL | auto_increment |
| address | varchar(128) | | UNI | | |
| crypt | varchar(128) | | | | |
| clear | varchar(128) | | | | |
| name | varchar(128) | | | | |
| uid | int(10) unsigned | | | 65534 | |
| gid | int(10) unsigned | | | 65534 | |
| home | varchar(255) | | | | |
| maildir | varchar(255) | | | | |
| quota | varchar(255) | | | | |
| domid | int(11) | YES | | NULL | |
| blockout | varchar(5) | YES | | NULL | |
+----------+------------------+------+-----+---------+----------------+
begin authenticators
plain:
driver = plaintext
public_name = PLAIN
server_condition = ${if and { \
{!eq{$2}{}} \
{!eq{$3}{}} \
{crypteq{$3}{${lookup mysql{SELECT crypt FROM passwd
WHERE address='$2'}{$value}fail}}} \
} {yes}{no}}
server_set_id = $2
# login authenticator - here $1 is the userid and $2 is the password.
otherwise all else is
# the same as above
login:
driver = plaintext
public_name = LOGIN
server_prompts = "Username:: : Password::"
server_condition = ${if and { \
{!eq{$1}{}} \
{!eq{$2}{}} \
{crypteq{$2}{${lookup mysql{SELECT crypt FROM passwd
WHERE address='$1'}{$value}fail}}} \
} {yes}{no}}
server_set_id = $1
Hope this helps....
Peter
