Re: [exim] Re: SMTP failed with fully qualified user id

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M\Oliver Eikemeier at <-
MMsam wun at ->
Delete this message
Reply to this message
Author: sam wun
Date:  
To: Oliver Eikemeier
CC: Exim User's Mailing List
Subject: Re: [exim] Re: SMTP failed with fully qualified user id
Oliver Eikemeier wrote:

> sam wun wrote:
>
>> It is working fine when login cyrus with fqdn with user id, but auth
>> smtp failed.
>> When sending email, I entered user@??? in the User name and
>> Password edit box in the Outgoing Server dialog box. The smtp
>> authentication was not successful in this case.
>> If I enter user id only in the Outgoin Server dialog box, the smtp
>> auth works fine.
>> Now the login id for cyrus is fqdn, login id only for out-going
>> server auth smtp.
>>
>> I have test the login id fqdn authtentication with imtest command
>> (with LOGIN mech) and it works fine.
>> The way I create password is:
>> saslpasswd2 -c user@???
>>
>> Since login id fqdn is failed with smtp auth, I also need to create
>> one more password for the user:
>> saslpasswd2 -c user
>>
>> I dont know what is going on here.
>> I have test fully qualified user account login iwth imtest, and it
>> authenticated successfully. May be this test is same as a mail client
>> login to imap server.
>> It seems that smtp authentication doesn't allocate sasldb2 file
>> correctly.
>>
>> The smtp Exim server has the following configuration for saslauthd 
>> authentication:
>> #fixed_login:
>> login:
>>        driver = plaintext
>>        public_name = LOGIN
>>        server_prompts = UserName:: : Password::
>>        server_condition = ${if saslauthd{{$1}{$2}}{1}{0}}
>>        server_set_id = $1

>>
>> plain:
>>        driver = plaintext
>>        public_name = PLAIN
>>        server_condition = ${if saslauthd{{$2}{$3}}{1}{0}}
>>        server_set_id = $2

>>
>> The error in mainlog is:
>> login authenticator failed for ([192.168.4.235]) [192.168.4.235]: 535
>> Incorrect a
>> uthentication data (set_id=sam.wun@???)
>>
>> Note, the smtp authentication only successful if the login id have
>> the domain part stripped.
>> If I remote option primary domain and qualified domain in the
>> configure file (that is to force authentication with fully qualified
>> user id with domain name), then authentication will failed because
>> login is not using fully qualified user ID.
>
>
> Do you mean
> imtest -v -a sam.wun@??? 127.0.0.1
> works, but
> smtptest -v -a sam.wun@??? 127.0.0.1
> does not?
>
Thanks very much for the help. Yes. the imtest works, smtptest failed.
Here is the the screen dump:
# smtptest -v -a buddy@??? 
127.0.0.1                                
S: 220 at.mydomain.com ESMTP Exim 4.43 Sun, 24 Oct 2004 21:04:37 +0800
C: EHLO example.com
S: 250-at.mydomain.com Hello example.com [127.0.0.1]
                                               ^^^^^^^^^^^ I dont know 
why I got this.
S: 250-SIZE 52428800
S: 250-PIPELINING
S: 250-AUTH LOGIN PLAIN
S: 250 HELP
C: AUTH LOGIN
S: 334 VXNlck5hbWU6
Please enter your password:
C: YnDkZGlABXV0aHRlYy5bb20=
S: 334 UGFsfzc3fgdvcmQ6
C: MjAyOEFXsfNdfahbXd1bg==
S: 535 Incorrect authentication data
Authentication failed. generic failure
Security strength factor: 0
^CC: QUIT
Connection closed.



> A log of smtptest and a sample `exim -d+all -bh 127.0.0.1` session
> would be useful (CAUTION: will contain your password)
> -Oliver
>
>
Here is part of the log from executing the command after completed the smtptest:
# exim -d+all -bh 127.0.0.1
21:04:45 28343 Exim version 4.43 (FreeBSD 5.3) uid=0 gid=0 pid=28343 D=ffffffff
Probably Berkeley DB version 1.8x (native mode)
Support for: iconv() IPv6 PAM Perl OpenSSL
Lookups: lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz dnsdb dsearch nis nis0 passwd
Authenticators: cram_md5 plaintext spa
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
Fixed never_users: 0
....
....
21:04:45 28343 finduser used cached passwd data for mailnull
...
21:04:45 28343 configuration file is /usr/local/etc/exim/configure
21:04:45 28343 log selectors = 00000ffc 00010400
21:04:45 28343 trusted user
21:04:45 28343 admin user
21:04:45 28343 changed uid/gid: privilege not needed
21:04:45 28343   uid=26 gid=6 pid=28343
21:04:45 28343   auxiliary group list: 6
...
21:04:45 28343 originator: uid=0 gid=0 login=root name=Charlie Root
21:04:45 28343 ---0 Get 0x8115038    40       string.c  347
21:04:45 28343 ---0 Get 0x8115060    40       string.c  347
21:04:45 28343 sender address = root@??? mydomain.net 
21:04:45 28343 ---1 Get 0x8113878    16       string.c  347
21:04:45 28343 ---1 Get 0x8113888   104       string.c  856
21:04:45 28343 ---1 Rst 0x8113894    **         host.c  330 16400
21:04:45 28343 sender_fullhost = [127.0.0.1]
21:04:45 28343 sender_rcvhost = [127.0.0.1]


**** SMTP testing session as if from host 127.0.0.1
**** but without any ident (RFC 1413) callback.
**** This is not for real! 

21:04:45 28343 ---0 Get 0x8115088    32       string.c  347
21:04:45 28343 host in hosts_connection_nolog? no (option unset)
21:04:45 28343 ---0 Get 0x81150a8    40       string.c  347
21:04:45 28343 ---1 Get 0x8113898    24       string.c  347
21:04:45 28343 LOG: smtp_connection MAIN
21:04:45 28343   SMTP connection from [127.0.0.1]
21:04:45 28343 ---0 Get 0x81150d0    24       string.c  347
21:04:45 28343 host in host_lookup? no (option unset)
21:04:45 28343 set_process_info: 28343 handling incoming connection from [127.0.0.1]
21:04:45 28343 ---0 Get 0x81150e8    32       string.c  347
21:04:45 28343 host in host_reject_connection? no (option unset)
21:04:45 28343 ---0 Get 0x8115108    40       string.c  347
21:04:45 28343 host in sender_unqualified_hosts? no (option unset)
21:04:45 28343 ---0 Get 0x8115130    40       string.c  347
21:04:45 28343 host in recipient_unqualified_hosts? no (option unset)
21:04:45 28343 ---0 Get 0x8115158    32       string.c  347
21:04:45 28343 host in helo_verify_hosts? no (option unset)
21:04:45 28343 ---0 Get 0x8115178    32       string.c  347
21:04:45 28343 host in helo_try_verify_hosts? no (option unset)
21:04:45 28343 ---0 Get 0x8115198    32       string.c  347
21:04:45 28343 host in helo_accept_junk_hosts? no (option unset)
21:04:45 28343 ---0 Get 0x81151b8   120       expand.c 2556
21:04:45 28343 ---0 Rst 0x81151b8    **       expand.c 2632 16400
21:04:45 28343 ---0 Get 0x81151b8   104       string.c  856
21:04:45 28343 ---0 Rst 0x81151f7    **       expand.c 4407 16400
21:04:45 28343 expanding: $primary_hostname ESMTP Exim $version_number $tod_full
21:04:45 28343    result: at.mydomain.com ESMTP Exim 4.43 Sun, 24 Oct 2004 21:04:45 +0800
21:04:45 28343 ---0 Get 0x81151f8   256      smtp_in.c 1558
21:04:45 28343 SMTP>> 220 at.mydomain.com ESMTP Exim 4.43 Sun, 24 Oct 2004 21:04:45 +0800
220 at.mydomain.com ESMTP Exim 4.43 Sun, 24 Oct 2004 21:04:45 +0800
21:04:45 28343 ---0 Get 0x81152f8     0         exim.c 4094
21:04:45 28343 ---0 Rst 0x81152f8    **         exim.c 4097 16400
21:04:45 28343 ---0 Get 0x81152f8     0      smtp_in.c 1931
21:04:45 28343 smtp_setup_msg entered
21:04:45 28343 ---0 Rst 0x81152f8    **      smtp_in.c  800 16400


I don't know how to debug this log.
You are expert. Do you know any suspicious incorrect configuration here?

Thanks
Sam




This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-RE: [exim] Is there and logical reason to reject mail from: <> ?Re: [exim] Re: SMTP failed with fully qualified user id->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)