[exim] Exim4 and client AUTH

Góra strony
Delete this message
Reply to this message
Autor: Brent Clark
Data:  
Dla: exim-users
Temat: [exim] Exim4 and client AUTH
Hi all

I have browsed the Exim archive and googled for three days, and I still
am unsuccesful in setting up AUTH on my mail server.

Basically I want my mail client to login to the exim4 mail server,
before sending the mail.

I have attached my conf file for viewing.

I have tried the MD5 and PLAIN, and nothing works.

======================================
trinity:~# telnet xxx.yyy.zzz 25
Trying 192.168.2.2...
Connected to xxx.yyy.zzz
Escape character is '^]'.
220 xxx.yyy.zzz ESMTP Exim (Brents Linux Box) 4.34 Sun, 26 Sep 2004
20:00 +0200
EHLO xxx.yyy.zzz
250-xxx.yyy.zzz Hello root at trinity.yyy.zzz [192.168.2.31]
250-SIZE 52428800
250-PIPELINING
250 HELP
========================================

If anyone could assist, it would greatly be apprecited.

Kind Regards
Brent Clark

primary_hostname = xxx.yyy.zzz

av_scanner = clamd:127.0.0.1 3310

exim_path = /usr/sbin/exim4

CONFDIR = /etc/exim4

domainlist local_domains = @:xxx.yyy.zzz:localhost

domainlist relay_to_domains =

hostlist relay_from_hosts = 127.0.0.1 : ::::1 : 192.168.2.0/24
#hostlist relay_from_hosts = <, 127.0.0.1 ; ::::1 ; 192.168.2.0/24 ; 192.168.3.0/24

hostlist auth_relay_hosts = *
hostlist auth_over_tls_hosts = *
#log_selector = +tls_cipher
#tls_advertise_hosts = *
AUTH_CRAM_MD5=yes
AUTH_PLAINTEXT=yes
auth_advertise_hosts=*

qualify_domain = xxx.yyy.zzz

never_users = root

smtp_banner = $primary_hostname ESMTP Exim (Brents Linux Box) $version_number $tod_full

.ifndef DCreadhost
DCreadhost =
.endif

.ifndef DCsmarthost
DCsmarthost = smtp.saix.net
.endif

#local_interfaces = 192.168.2.2 : 127.0.0.1


#LOCAL_DELIVERY=mail_spool
LOCAL_DELIVERY=maildir_home

gecos_pattern = ^([^,:]*)
gecos_name = $1

DCconfig_smarthost = 1

acl_smtp_rcpt = acl_check_rcpt

acl_smtp_data = acl_check_data

acl_smtp_auth = acl_auth


.ifdef MESSAGE_SIZE_LIMIT
message_size_limit = MESSAGE_SIZE_LIMIT
.endif

#.ifndef DC_minimaldns
host_lookup = *
#.endif

rfc1413_hosts = *
rfc1413_query_timeout = 30s

ignore_bounce_errors_after = 2d

timeout_frozen_after = 7d

#freeze_tell = postmaster

.ifndef SPOOLDIR
SPOOLDIR = /var/spool/exim4
.endif
spool_directory = SPOOLDIR

trusted_users = uucp

begin acl

acl_auth:
# accept hosts = *
#accept  authenticated = *
accept hosts = +auth_over_tls_hosts
    endpass
    message = STARTTLS required before AUTH
    encrypted = *


acl_whitelist_local_deny:
  accept hosts = ${if exists{CONFDIR/local_host_whitelist}\
                        {CONFDIR/local_host_whitelist}\
                        {}}
  accept senders = ${if exists{CONFDIR/local_sender_whitelist}\
                        {CONFDIR/local_sender_whitelist}\
                        {}}


acl_check_rcpt:
accept hosts = :

  deny    domains       = +local_domains
          local_parts   = ^[.] : ^.*[@%!/|]
          message       = restricted characters in address


  deny    domains       = !+local_domains
          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
          message       = restricted characters in address


  accept local_parts = postmaster
         domains = +local_domains


  deny message = sender envelope address $sender_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
       !acl = acl_whitelist_local_deny
       senders = ${if exists{CONFDIR/local_sender_blacklist}\
                             {CONFDIR/local_sender_blacklist}\
                             {}}


  deny message = sender IP address $sender_host_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
       !acl = acl_whitelist_local_deny
       hosts = ${if exists{CONFDIR/local_host_blacklist}\
                             {CONFDIR/local_host_blacklist}\
                             {}}


  accept domains = +local_domains
         endpass
         message = unknown user
         verify = recipient


  accept domains = +relay_to_domains
         endpass
         message = unrouteable address
         verify = recipient


accept hosts = +relay_from_hosts

accept authenticated = *

deny message = relay not permitted

acl_check_data:

deny   message   = Blacklisted file extension detected
       condition = ${if match \
                        {${lc:$mime_filename}} \
                        {\N(\.bat|\.com|\.exe|\.pif|\.prf|\.scr|\.vbs)$\N} \
                     {1}{0}}


deny    message       = This message contains malformed MIME ($demime_reason).
        demime        = *
        condition     = ${if >{$demime_errorlevel}{2}{1}{0}}


deny    message       = This message contains a virus or other harmful content ($malware_name)
        demime        = *
        malware       = *


   warn condition = ${if !def:h_Message-ID: {1}}
        hosts = +relay_from_hosts
        message = Message-ID: <E$message_id@$primary_hostname>

        

accept

begin routers

.ifdef DCconfig_smarthost DCconfig_satellite

smarthost:
debug_print = "R: smarthost for $local_part@$domain"
driver = manualroute
domains = ! +local_domains
transport = remote_smtp_smarthost
route_list = * DCsmarthost byname
host_find_failed = defer
same_domain_copy_routing = yes
no_more

.endif

hubbed_hosts:
  debug_print = "R: hubbed_hosts for $domain"
  driver = manualroute
  domains = "${if exists{CONFDIR/hubbed_hosts}\
                   {partial-lsearch;CONFDIR/hubbed_hosts}\
              fail}"
  route_data = ${lookup{$domain}partial-lsearch{CONFDIR/hubbed_hosts}}
  transport = remote_smtp


.ifdef DCconfig_internet

dnslookup_relay_to_domains:
debug_print = "R: dnslookup_relay_to_domains for $local_part@$domain"
driver = dnslookup
domains = ! +local_domains : +relay_to_domains
transport = remote_smtp
same_domain_copy_routing = yes
no_more

dnslookup:
  debug_print = "R: dnslookup for $local_part@$domain"
  driver = dnslookup
  domains = ! +local_domains
  transport = remote_smtp
  same_domain_copy_routing = yes
  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 :\
                        172.16.0.0/12 : 10.0.0.0/8 : 169.254.0.0/16
  no_more


.endif

.ifdef DCconfig_local
nonlocal:
debug_print = "R: nonlocal for $local_part@$domain"
driver = redirect
domains = ! +local_domains
allow_fail
data = :fail: Mailing to remote domains not supported
no_more

.endif

real_local:
debug_print = "R: real_local for $local_part@$domain"
driver = accept
domains = +local_domains
local_part_prefix = real-
check_local_user
transport = LOCAL_DELIVERY

system_aliases:
debug_print = "R: system_aliases for $local_part@$domain"
driver = redirect
domains = +local_domains
allow_fail
allow_defer
data = ${lookup{$local_part}lsearch{/etc/aliases}}
file_transport = address_file

.ifdef DCconfig_satellite
hub_user:
debug_print = "R: hub_user for $local_part@$domain"
driver = redirect
domains = +local_domains
data = ${local_part}@DCreadhost
check_local_user

.endif

userforward:
  debug_print = "R: userforward for $local_part@$domain"
  driver = redirect
  domains = +local_domains
  check_local_user
  file = $home/.forward
  no_verify
  no_expn
  check_ancestor
  allow_filter
  directory_transport = address_directory
  file_transport = address_file
  pipe_transport = address_pipe
  reply_transport = address_reply
  skip_syntax_errors
  syntax_errors_to = real-$local_part@$domain
  syntax_errors_text = \
    This is an automatically generated message. An error has\n\
    been found in your .forward file. Details of the error are\n\
    reported below. While this error persists, you will receive\n\
    a copy of this message for every message that is addressed\n\
    to you. If your .forward file is a filter file, or if it is\n\
    a non-filter file containing no valid forwarding addresses,\n\
    a copy of each incoming message will be put in your normal\n\
    mailbox. If a non-filter file contains at least one valid\n\
    forwarding address, forwarding to the valid addresses will\n\
    happen, and those will be the only deliveries that occur.


procmail:
debug_print = "R: procmail for $local_part@$domain"
driver = accept
domains = +local_domains
check_local_user
transport = procmail_pipe
require_files = ${local_part}:${home}/.procmailrc:+/usr/bin/procmail
no_verify
no_expn

maildrop:
debug_print = "R: maildrop for $local_part@$domain"
driver = accept
domains = +local_domains
check_local_user
transport = maildrop_pipe
require_files = ${local_part}:${home}/.mailfilter:+/usr/bin/maildrop
no_verify
no_expn

local_user:
debug_print = "R: local_user for $local_part@$domain"
driver = accept
domains = +local_domains
check_local_user
local_parts = ! root
transport = LOCAL_DELIVERY

mail4root:
debug_print = "R: mail4root for $local_part@$domain"
driver = redirect
domains = +local_domains
data = /var/mail/mail
file_transport = address_file
local_parts = root
user = mail
group = mail

begin transports

address_file:
debug_print = "T: address_file for $local_part@$domain"
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add

address_pipe:
debug_print = "T: address_pipe for $local_part@$domain"
driver = pipe
return_fail_output

address_reply:
debug_print = "T: autoreply for $local_part@$domain"
driver = autoreply

mail_spool:
debug_print = "T: appendfile for $local_part@$domain"
driver = appendfile
file = /var/mail/$local_part
delivery_date_add
envelope_to_add
return_path_add
group = mail
mode = 0660
mode_fail_narrower = false

maildir_home:
debug_print = "T: maildir_home for $local_part@$domain"
driver = appendfile
directory = $home/Maildir
delivery_date_add
envelope_to_add
return_path_add
maildir_format
mode = 0600
mode_fail_narrower = false

maildrop_pipe:
debug_print = "T: maildrop_pipe for $local_part@$domain"
driver = pipe
path = "/bin:/usr/bin:/usr/local/bin"
command = "/usr/bin/maildrop"
return_path_add
delivery_date_add
envelope_to_add

procmail_pipe:
debug_print = "T: procmail_pipe for $local_part@$domain"
driver = pipe
path = "/bin:/usr/bin:/usr/local/bin"
command = "/usr/bin/procmail"
return_path_add
delivery_date_add
envelope_to_add

remote_smtp:
debug_print = "T: remote_smtp for $local_part@$domain"
driver = smtp
hosts_require_auth = blink.homelinux.com
#hosts_try_auth = blink.homelinux.com

remote_smtp_smarthost:
debug_print = "T: remote_smtp_smarthost for $local_part@$domain"
driver = smtp
hosts_require_auth = blink.homelinux.com
hosts_try_auth = ${if exists {CONFDIR/passwd.client}{DCsmarthost}{}}
tls_tempfail_tryclear = false

address_directory:
debug_print = "T: address_directory for $local_part@$domain"
driver = appendfile
envelope_to_add = true
return_path_add = true
check_string = ""
escape_string = ""
maildir_format

begin authenticators

cram_md5:
driver = cram_md5
public_name = CRAM-MD5
client_name = ${extract{1}{:}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}
client_secret = ${extract{2}{:}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}

plain:
  driver = plaintext
  public_name = PLAIN
  client_send = "${if !eq{$tls_cipher}{}{\
                     ^${extract{1}{::}\
                       {${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}\
                     ^${extract{2}{::}\
                       {${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}\
                   }fail}"


login:
  driver = plaintext
  public_name = LOGIN
  client_send = "${if !eq{$tls_cipher}{}{}fail}\
                 : ${extract{1}{::}\
                        {${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}} \
                 : ${extract{2}{::}\
                     {${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}"


begin retry

*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h


begin rewrite

*@+local_domains ${lookup{${local_part}}lsearch{/etc/email-addresses}\
                   {$value}fail} Ffrs


*@+local_domains "${if exists {CONFDIR/email-addresses}\
                    {${lookup{${local_part}}lsearch{CONFDIR/email-addresses}\
            {$value}fail}}fail}" Ffrs