Re: [exim] Authentication for sending

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Giuliano Gavazzi
Dátum:  
Címzett: Michael Johnson, Exim-users
CC: 
Tárgy: Re: [exim] Authentication for sending
At 11:01 pm -0400 2004/10/18, Michael Johnson wrote:
[...]
>The log entries for the sender authentication show there's no
>/etc/relayers file. This makes sense as I haven't created one on
>the new machine. However, I'd like to use the NetInfo database
>user/pass. How can I get it to look to the nidb? I'm not really
>comfortable with an un-hashed user/pass file on this system. It
>worked fine as a stop-gap on my home system, but I need to get this
>working in a more secure manner.


I did sometime ago write a NetInfo lookup for exim, in the LOGIN
authenticator I have for instance:

  server_condition = "${if and {{!eq{$1}{}}{!eq{$2}{}} \
                           {crypteq{$2}{\
                         ${lookup netinfo {-t localhost/local 
/users/$1 passwd 0} \
       {$value}{*}}}}}{1}{0}}"


however this is for an old system. Since 10.3 this is not required
anymore (for user/pass lookup) and is going to become obsolete as
NetInfo is phased out.
You should use PAM (but it works without tricks only on 10.3 and later), as in:

   server_condition=${if and    {\
                                        {!eq{$1}{}}\
                                        {!eq{$2}{}}\
                                        {pam{$1:${sg{$2}{:}{::}}}}\
                                }\
                {yes}{no}}



with /etc/pam.d/exim:

# chkpasswd: auth account
auth    required        pam_securityserver.so
account required        pam_unix.so


Giuliano