Re: [exim] Re: SMTP failed with fully qualified user id

Page principale
Supprimer ce message
Répondre à ce message
Auteur: sam wun
Date:  
CC: Exim User's Mailing List, Oliver Eikemeier
Sujet: Re: [exim] Re: SMTP failed with fully qualified user id
sam wun wrote:

> Oliver Eikemeier wrote:
>
>> sam wun wrote:
>>
>>> It is working fine when login cyrus with fqdn with user id, but auth
>>> smtp failed.
>>> When sending email, I entered user@??? in the User name and
>>> Password edit box in the Outgoing Server dialog box. The smtp
>>> authentication was not successful in this case.
>>> If I enter user id only in the Outgoin Server dialog box, the smtp
>>> auth works fine.
>>> Now the login id for cyrus is fqdn, login id only for out-going
>>> server auth smtp.
>>>
>>> I have test the login id fqdn authtentication with imtest command
>>> (with LOGIN mech) and it works fine.
>>> The way I create password is:
>>> saslpasswd2 -c user@???
>>>
>>> Since login id fqdn is failed with smtp auth, I also need to create
>>> one more password for the user:
>>> saslpasswd2 -c user
>>>
>>> I dont know what is going on here.
>>> I have test fully qualified user account login iwth imtest, and it
>>> authenticated successfully. May be this test is same as a mail
>>> client login to imap server.
>>> It seems that smtp authentication doesn't allocate sasldb2 file
>>> correctly.
>>>
>>> The smtp Exim server has the following configuration for saslauthd 
>>> authentication:
>>> #fixed_login:
>>> login:
>>>        driver = plaintext
>>>        public_name = LOGIN
>>>        server_prompts = UserName:: : Password::
>>>        server_condition = ${if saslauthd{{$1}{$2}}{1}{0}}
>>>        server_set_id = $1

>>>
>>> plain:
>>>        driver = plaintext
>>>        public_name = PLAIN
>>>        server_condition = ${if saslauthd{{$2}{$3}}{1}{0}}
>>>        server_set_id = $2

>>>
>>> The error in mainlog is:
>>> login authenticator failed for ([192.168.4.235]) [192.168.4.235]:
>>> 535 Incorrect a
>>> uthentication data (set_id=sam.wun@???)
>>>
>>> Note, the smtp authentication only successful if the login id have
>>> the domain part stripped.
>>> If I remote option primary domain and qualified domain in the
>>> configure file (that is to force authentication with fully qualified
>>> user id with domain name), then authentication will failed because
>>> login is not using fully qualified user ID.
>>
>>
>>
>> Do you mean
>> imtest -v -a sam.wun@??? 127.0.0.1
>> works, but
>> smtptest -v -a sam.wun@??? 127.0.0.1
>> does not?
>>
> Thanks very much for the help. Yes. the imtest works, smtptest failed.
> Here is the the screen dump:
> # smtptest -v -a buddy@??? 
> 127.0.0.1                                S: 220 at.mydomain.com ESMTP 
> Exim 4.43 Sun, 24 Oct 2004 21:04:37 +0800
> C: EHLO example.com


sorry, I meant I don't know why I got this example.com domain, I neer
defined it in my configure file.

> S: 250-at.mydomain.com Hello example.com [127.0.0.1]
>                                               ^^^^^^^^^^^ I dont know 
> why I got this.
> S: 250-SIZE 52428800
> S: 250-PIPELINING
> S: 250-AUTH LOGIN PLAIN
> S: 250 HELP
> C: AUTH LOGIN
> S: 334 VXNlck5hbWU6
> Please enter your password:
> C: YnDkZGlABXV0aHRlYy5bb20=
> S: 334 UGFsfzc3fgdvcmQ6
> C: MjAyOEFXsfNdfahbXd1bg==
> S: 535 Incorrect authentication data
> Authentication failed. generic failure
> Security strength factor: 0
> ^CC: QUIT
> Connection closed.

>
>
>> A log of smtptest and a sample `exim -d+all -bh 127.0.0.1` session
>> would be useful (CAUTION: will contain your password)
>> -Oliver
>>
>>
> Here is part of the log from executing the command after completed the 
> smtptest:
> # exim -d+all -bh 127.0.0.1
> 21:04:45 28343 Exim version 4.43 (FreeBSD 5.3) uid=0 gid=0 pid=28343 
> D=ffffffff
> Probably Berkeley DB version 1.8x (native mode)
> Support for: iconv() IPv6 PAM Perl OpenSSL
> Lookups: lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz 
> dnsdb dsearch nis nis0 passwd
> Authenticators: cram_md5 plaintext spa
> Routers: accept dnslookup ipliteral manualroute queryprogram redirect
> Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
> Fixed never_users: 0
> ....
> ....
> 21:04:45 28343 finduser used cached passwd data for mailnull
> ...
> 21:04:45 28343 configuration file is /usr/local/etc/exim/configure
> 21:04:45 28343 log selectors = 00000ffc 00010400
> 21:04:45 28343 trusted user
> 21:04:45 28343 admin user
> 21:04:45 28343 changed uid/gid: privilege not needed
> 21:04:45 28343   uid=26 gid=6 pid=28343
> 21:04:45 28343   auxiliary group list: 6
> ...
> 21:04:45 28343 originator: uid=0 gid=0 login=root name=Charlie Root
> 21:04:45 28343 ---0 Get 0x8115038    40       string.c  347
> 21:04:45 28343 ---0 Get 0x8115060    40       string.c  347
> 21:04:45 28343 sender address = root@??? mydomain.net 
> 21:04:45 28343 ---1 Get 0x8113878    16       string.c  347
> 21:04:45 28343 ---1 Get 0x8113888   104       string.c  856
> 21:04:45 28343 ---1 Rst 0x8113894    **         host.c  330 16400
> 21:04:45 28343 sender_fullhost = [127.0.0.1]
> 21:04:45 28343 sender_rcvhost = [127.0.0.1]

>
> **** SMTP testing session as if from host 127.0.0.1
> **** but without any ident (RFC 1413) callback.
> **** This is not for real!
>
> 21:04:45 28343 ---0 Get 0x8115088    32       string.c  347
> 21:04:45 28343 host in hosts_connection_nolog? no (option unset)
> 21:04:45 28343 ---0 Get 0x81150a8    40       string.c  347
> 21:04:45 28343 ---1 Get 0x8113898    24       string.c  347
> 21:04:45 28343 LOG: smtp_connection MAIN
> 21:04:45 28343   SMTP connection from [127.0.0.1]
> 21:04:45 28343 ---0 Get 0x81150d0    24       string.c  347
> 21:04:45 28343 host in host_lookup? no (option unset)
> 21:04:45 28343 set_process_info: 28343 handling incoming connection 
> from [127.0.0.1]
> 21:04:45 28343 ---0 Get 0x81150e8    32       string.c  347
> 21:04:45 28343 host in host_reject_connection? no (option unset)
> 21:04:45 28343 ---0 Get 0x8115108    40       string.c  347
> 21:04:45 28343 host in sender_unqualified_hosts? no (option unset)
> 21:04:45 28343 ---0 Get 0x8115130    40       string.c  347
> 21:04:45 28343 host in recipient_unqualified_hosts? no (option unset)
> 21:04:45 28343 ---0 Get 0x8115158    32       string.c  347
> 21:04:45 28343 host in helo_verify_hosts? no (option unset)
> 21:04:45 28343 ---0 Get 0x8115178    32       string.c  347
> 21:04:45 28343 host in helo_try_verify_hosts? no (option unset)
> 21:04:45 28343 ---0 Get 0x8115198    32       string.c  347
> 21:04:45 28343 host in helo_accept_junk_hosts? no (option unset)
> 21:04:45 28343 ---0 Get 0x81151b8   120       expand.c 2556
> 21:04:45 28343 ---0 Rst 0x81151b8    **       expand.c 2632 16400
> 21:04:45 28343 ---0 Get 0x81151b8   104       string.c  856
> 21:04:45 28343 ---0 Rst 0x81151f7    **       expand.c 4407 16400
> 21:04:45 28343 expanding: $primary_hostname ESMTP Exim $version_number 
> $tod_full
> 21:04:45 28343    result: at.mydomain.com ESMTP Exim 4.43 Sun, 24 Oct 
> 2004 21:04:45 +0800
> 21:04:45 28343 ---0 Get 0x81151f8   256      smtp_in.c 1558
> 21:04:45 28343 SMTP>> 220 at.mydomain.com ESMTP Exim 4.43 Sun, 24 Oct 
> 2004 21:04:45 +0800
> 220 at.mydomain.com ESMTP Exim 4.43 Sun, 24 Oct 2004 21:04:45 +0800
> 21:04:45 28343 ---0 Get 0x81152f8     0         exim.c 4094
> 21:04:45 28343 ---0 Rst 0x81152f8    **         exim.c 4097 16400
> 21:04:45 28343 ---0 Get 0x81152f8     0      smtp_in.c 1931
> 21:04:45 28343 smtp_setup_msg entered
> 21:04:45 28343 ---0 Rst 0x81152f8    **      smtp_in.c  800 16400

>
> I don't know how to debug this log.
> You are expert. Do you know any suspicious incorrect configuration here?
>
> Thanks
> Sam
>
>
>