sam wun wrote:
> Oliver Eikemeier wrote:
>
>> sam wun wrote:
>>
>>> It is working fine when login cyrus with fqdn with user id, but auth
>>> smtp failed.
>>> When sending email, I entered user@??? in the User name and
>>> Password edit box in the Outgoing Server dialog box. The smtp
>>> authentication was not successful in this case.
>>> If I enter user id only in the Outgoin Server dialog box, the smtp
>>> auth works fine.
>>> Now the login id for cyrus is fqdn, login id only for out-going
>>> server auth smtp.
>>>
>>> I have test the login id fqdn authtentication with imtest command
>>> (with LOGIN mech) and it works fine.
>>> The way I create password is:
>>> saslpasswd2 -c user@???
>>>
>>> Since login id fqdn is failed with smtp auth, I also need to create
>>> one more password for the user:
>>> saslpasswd2 -c user
>>>
>>> I dont know what is going on here.
>>> I have test fully qualified user account login iwth imtest, and it
>>> authenticated successfully. May be this test is same as a mail
>>> client login to imap server.
>>> It seems that smtp authentication doesn't allocate sasldb2 file
>>> correctly.
>>>
>>> The smtp Exim server has the following configuration for saslauthd
>>> authentication:
>>> #fixed_login:
>>> login:
>>> driver = plaintext
>>> public_name = LOGIN
>>> server_prompts = UserName:: : Password::
>>> server_condition = ${if saslauthd{{$1}{$2}}{1}{0}}
>>> server_set_id = $1
>>>
>>> plain:
>>> driver = plaintext
>>> public_name = PLAIN
>>> server_condition = ${if saslauthd{{$2}{$3}}{1}{0}}
>>> server_set_id = $2
>>>
>>> The error in mainlog is:
>>> login authenticator failed for ([192.168.4.235]) [192.168.4.235]:
>>> 535 Incorrect a
>>> uthentication data (set_id=sam.wun@???)
>>>
>>> Note, the smtp authentication only successful if the login id have
>>> the domain part stripped.
>>> If I remote option primary domain and qualified domain in the
>>> configure file (that is to force authentication with fully qualified
>>> user id with domain name), then authentication will failed because
>>> login is not using fully qualified user ID.
>>
>>
>>
>> Do you mean
>> imtest -v -a sam.wun@??? 127.0.0.1
>> works, but
>> smtptest -v -a sam.wun@??? 127.0.0.1
>> does not?
>>
> Thanks very much for the help. Yes. the imtest works, smtptest failed.
> Here is the the screen dump:
> # smtptest -v -a buddy@???
> 127.0.0.1 S: 220 at.mydomain.com ESMTP
> Exim 4.43 Sun, 24 Oct 2004 21:04:37 +0800
> C: EHLO example.com
sorry, I meant I don't know why I got this example.com domain, I neer
defined it in my configure file.
> S: 250-at.mydomain.com Hello example.com [127.0.0.1]
> ^^^^^^^^^^^ I dont know
> why I got this.
> S: 250-SIZE 52428800
> S: 250-PIPELINING
> S: 250-AUTH LOGIN PLAIN
> S: 250 HELP
> C: AUTH LOGIN
> S: 334 VXNlck5hbWU6
> Please enter your password:
> C: YnDkZGlABXV0aHRlYy5bb20=
> S: 334 UGFsfzc3fgdvcmQ6
> C: MjAyOEFXsfNdfahbXd1bg==
> S: 535 Incorrect authentication data
> Authentication failed. generic failure
> Security strength factor: 0
> ^CC: QUIT
> Connection closed.
>
>
>> A log of smtptest and a sample `exim -d+all -bh 127.0.0.1` session
>> would be useful (CAUTION: will contain your password)
>> -Oliver
>>
>>
> Here is part of the log from executing the command after completed the
> smtptest:
> # exim -d+all -bh 127.0.0.1
> 21:04:45 28343 Exim version 4.43 (FreeBSD 5.3) uid=0 gid=0 pid=28343
> D=ffffffff
> Probably Berkeley DB version 1.8x (native mode)
> Support for: iconv() IPv6 PAM Perl OpenSSL
> Lookups: lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz
> dnsdb dsearch nis nis0 passwd
> Authenticators: cram_md5 plaintext spa
> Routers: accept dnslookup ipliteral manualroute queryprogram redirect
> Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
> Fixed never_users: 0
> ....
> ....
> 21:04:45 28343 finduser used cached passwd data for mailnull
> ...
> 21:04:45 28343 configuration file is /usr/local/etc/exim/configure
> 21:04:45 28343 log selectors = 00000ffc 00010400
> 21:04:45 28343 trusted user
> 21:04:45 28343 admin user
> 21:04:45 28343 changed uid/gid: privilege not needed
> 21:04:45 28343 uid=26 gid=6 pid=28343
> 21:04:45 28343 auxiliary group list: 6
> ...
> 21:04:45 28343 originator: uid=0 gid=0 login=root name=Charlie Root
> 21:04:45 28343 ---0 Get 0x8115038 40 string.c 347
> 21:04:45 28343 ---0 Get 0x8115060 40 string.c 347
> 21:04:45 28343 sender address = root@??? mydomain.net
> 21:04:45 28343 ---1 Get 0x8113878 16 string.c 347
> 21:04:45 28343 ---1 Get 0x8113888 104 string.c 856
> 21:04:45 28343 ---1 Rst 0x8113894 ** host.c 330 16400
> 21:04:45 28343 sender_fullhost = [127.0.0.1]
> 21:04:45 28343 sender_rcvhost = [127.0.0.1]
>
> **** SMTP testing session as if from host 127.0.0.1
> **** but without any ident (RFC 1413) callback.
> **** This is not for real!
>
> 21:04:45 28343 ---0 Get 0x8115088 32 string.c 347
> 21:04:45 28343 host in hosts_connection_nolog? no (option unset)
> 21:04:45 28343 ---0 Get 0x81150a8 40 string.c 347
> 21:04:45 28343 ---1 Get 0x8113898 24 string.c 347
> 21:04:45 28343 LOG: smtp_connection MAIN
> 21:04:45 28343 SMTP connection from [127.0.0.1]
> 21:04:45 28343 ---0 Get 0x81150d0 24 string.c 347
> 21:04:45 28343 host in host_lookup? no (option unset)
> 21:04:45 28343 set_process_info: 28343 handling incoming connection
> from [127.0.0.1]
> 21:04:45 28343 ---0 Get 0x81150e8 32 string.c 347
> 21:04:45 28343 host in host_reject_connection? no (option unset)
> 21:04:45 28343 ---0 Get 0x8115108 40 string.c 347
> 21:04:45 28343 host in sender_unqualified_hosts? no (option unset)
> 21:04:45 28343 ---0 Get 0x8115130 40 string.c 347
> 21:04:45 28343 host in recipient_unqualified_hosts? no (option unset)
> 21:04:45 28343 ---0 Get 0x8115158 32 string.c 347
> 21:04:45 28343 host in helo_verify_hosts? no (option unset)
> 21:04:45 28343 ---0 Get 0x8115178 32 string.c 347
> 21:04:45 28343 host in helo_try_verify_hosts? no (option unset)
> 21:04:45 28343 ---0 Get 0x8115198 32 string.c 347
> 21:04:45 28343 host in helo_accept_junk_hosts? no (option unset)
> 21:04:45 28343 ---0 Get 0x81151b8 120 expand.c 2556
> 21:04:45 28343 ---0 Rst 0x81151b8 ** expand.c 2632 16400
> 21:04:45 28343 ---0 Get 0x81151b8 104 string.c 856
> 21:04:45 28343 ---0 Rst 0x81151f7 ** expand.c 4407 16400
> 21:04:45 28343 expanding: $primary_hostname ESMTP Exim $version_number
> $tod_full
> 21:04:45 28343 result: at.mydomain.com ESMTP Exim 4.43 Sun, 24 Oct
> 2004 21:04:45 +0800
> 21:04:45 28343 ---0 Get 0x81151f8 256 smtp_in.c 1558
> 21:04:45 28343 SMTP>> 220 at.mydomain.com ESMTP Exim 4.43 Sun, 24 Oct
> 2004 21:04:45 +0800
> 220 at.mydomain.com ESMTP Exim 4.43 Sun, 24 Oct 2004 21:04:45 +0800
> 21:04:45 28343 ---0 Get 0x81152f8 0 exim.c 4094
> 21:04:45 28343 ---0 Rst 0x81152f8 ** exim.c 4097 16400
> 21:04:45 28343 ---0 Get 0x81152f8 0 smtp_in.c 1931
> 21:04:45 28343 smtp_setup_msg entered
> 21:04:45 28343 ---0 Rst 0x81152f8 ** smtp_in.c 800 16400
>
> I don't know how to debug this log.
> You are expert. Do you know any suspicious incorrect configuration here?
>
> Thanks
> Sam
>
>
>