[exim] smtp authtenitcation from Outlook

Top Page
Delete this message
Reply to this message
Author: sam wun
Date:  
To: Cyrus-SASL, info-cyrus, Exim Users
CC: 
Subject: [exim] smtp authtenitcation from Outlook
Hi,

I have solved the problem with the external client authentication. But
this fix is only allow Mozilla user authenticate with encrypted password
on smtp using cram-md5,

It still failed with Outlook NTLM smtp authentication. I have changed the setting in imapd.conf allow plain password login.
I have no other choice so lower the security level for Outlook user send password in plain text.

But smtp login still failed.

I have the following authentication setup for Exim smtp:
sasl_cram_md5:
        driver = cyrus_sasl
        public_name = CRAM-MD5
        server_set_id = $1


sasl_plain:
        driver = cyrus_sasl
        public_name = PLAIN
        server_set_id = $1


In Outlook, I have entered Account name and password and uncheck the box of SPA, but sending email returned error as "relay not permitted".

In Exim, the ACL configuration is look like as below:
begin acl

# This access control list is used for every RCPT command in an incoming
# SMTP message. The tests are run in order until the address is either
# accepted or denied.

acl_check_rcpt:
accept domains = +local_domains
accept hosts = +relay_hosts

accept hosts = :

  deny    message       = Restricted characters in address
          domains       = +local_domains
          local_parts   = ^[.] : ^.*[@%!/|]


  deny    message       = Restricted characters in address
          domains       = !+local_domains
          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./


  accept  local_parts   = postmaster
          domains       = +local_domains


  require verify        = sender


  accept  domains       = +local_domains
          endpass
          verify        = recipient


  accept  domains       = +relay_to_domains
          endpass
          verify        = recipient



  accept  hosts         = +relay_from_hosts


accept authenticated = *

  deny    message       = relay not permitted
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^


If user use Mozilla, this doesn't happened.
I don't know why the smtp authentication goes into this ACL instead of done thru the Authenticator. If Authenticator is failed, the error should be shown in the authenticator.

Does anyone have any idea? I have run out of idea....

Thanks
Sam