At 11:01 pm -0400 2004/10/18, Michael Johnson wrote:
[...]
>The log entries for the sender authentication show there's no
>/etc/relayers file. This makes sense as I haven't created one on
>the new machine. However, I'd like to use the NetInfo database
>user/pass. How can I get it to look to the nidb? I'm not really
>comfortable with an un-hashed user/pass file on this system. It
>worked fine as a stop-gap on my home system, but I need to get this
>working in a more secure manner.
I did sometime ago write a NetInfo lookup for exim, in the LOGIN
authenticator I have for instance:
server_condition = "${if and {{!eq{$1}{}}{!eq{$2}{}} \
{crypteq{$2}{\
${lookup netinfo {-t localhost/local
/users/$1 passwd 0} \
{$value}{*}}}}}{1}{0}}"
however this is for an old system. Since 10.3 this is not required
anymore (for user/pass lookup) and is going to become obsolete as
NetInfo is phased out.
You should use PAM (but it works without tricks only on 10.3 and later), as in:
server_condition=${if and {\
{!eq{$1}{}}\
{!eq{$2}{}}\
{pam{$1:${sg{$2}{:}{::}}}}\
}\
{yes}{no}}
with /etc/pam.d/exim:
# chkpasswd: auth account
auth required pam_securityserver.so
account required pam_unix.so
Giuliano
