[exim] How to define correct saslauthd authenticator

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Jack
Date:  
À: exim-users
Sujet: [exim] How to define correct saslauthd authenticator
Dear Exim experts,

I got the same error too.

I also use the same exim commandline to test the authentication. Here is
the snapshot:

#encode "\0jack@???\0jack@???"
kas8oewkmsaidjisdlke2sfoisjdfidskkdkdf==

# exim -d+auth -bh 127.0.0.1
Exim version 4.43 (FreeBSD 4.10) uid=0 gid=0 pid=16139 D=fbb95cfd
Berkeley DB: Sleepycat Software: Berkeley DB 4.2.52: (December 3, 2003)
Support for: iconv() IPv6 PAM Perl OpenSSL
Lookups: lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz dnsdb
dsearch nis nis0 passwd
Authenticators: cram_md5 cyrus_sasl plaintext spa
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
Fixed never_users: 0
changed uid/gid: forcing real = effective
uid=0 gid=0 pid=16139
auxiliary group list: 0
configuration file is /usr/local/etc/exim/configure
log selectors = 00000ffc 00010400
Starting Perl interpreter
trusted user
admin user
changed uid/gid: privilege not needed
uid=10 gid=2 pid=5910
auxiliary group list: 2
finduser used cached passwd data for cyrus
originator: uid=0 gid=0 login=root name=Charlie Root
sender address = root@??? localdomain.net maildomain.com
sender_fullhost = [127.0.0.1]
sender_rcvhost = [127.0.0.1]

**** SMTP testing session as if from host 127.0.0.1
**** but without any ident (RFC 1413) callback.
**** This is not for real!

host in hosts_connection_nolog? no (option unset)
LOG: smtp_connection MAIN
SMTP connection from [127.0.0.1]
host in host_lookup? no (option unset)
set_process_info: 16139 handling incoming connection from [127.0.0.1]
host in host_reject_connection? no (option unset)
host in sender_unqualified_hosts? no (option unset)
host in recipient_unqualified_hosts? no (option unset)
host in helo_verify_hosts? no (option unset)
host in helo_try_verify_hosts? no (option unset)
host in helo_accept_junk_hosts? no (option unset)
SMTP>> 220 at.localdomain.com ESMTP Exim 4.43 Mon,

220 kl.localdomain.com ESMTP Exim 4.43 Mon,
smtp_setup_msg entered
EHLO localhost
SMTP<< EHLO localhost
localhost in helo_lookup_domains? no (end of list)
sender_fullhost = (localhost) [127.0.0.1]
sender_rcvhost = [127.0.0.1] (helo=localhost)
set_process_info: 16139 handling incoming connection from (localhost)
[127.0.0.1]
host in pipelining_advertise_hosts? yes (matched "*")
host in auth_advertise_hosts? yes (matched "*")
host in tls_advertise_hosts? no (option unset)
250-at.localdomain.com Hello localhost [127.0.0.1]
250-SIZE 52428800
250-PIPELINING
250-AUTH LOGIN PLAIN
250 HELP
SMTP>> 250-kl.localdomain.com Hello localhost [127.0.0.1]

250-SIZE
250-PIPELINING
250-AUTH LOGIN PLAIN
250 HELP
AUTH PLAIN kas8oewkmsaidjisdlke2sfoisjdfidskkdkdf==
SMTP<< AUTH PLAIN kas8oewkmsaidjisdlke2sfoisjdfidskkdkdf==
Running saslauthd authentication for user "jack.com"
saslauthd userid='jack.com' servicename='' realm=''
Answer 'NO' received.
saslauthd: access denied (NO)
plain authenticator:
$1 =
$2 = jack.com
$3 = jack.com
expanded string: 0
SMTP>> 535 Incorrect authentication data

535 Incorrect authentication data
LOG: MAIN REJECT
plain authenticator failed for (localhost) [127.0.0.1]: 535 Incorrect
authentication data (set_id=jack.com)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

I found this not right, the set_id should be equal to
jack@???? The saslauthenticator is straight copy from the
tomster.com freebsdcookbook:
http://tomster.org/geek/freebsdcookbook/ar01s02.html

Thanks
Jack



sam wun wrote:

> Hi,
>
> The following saslauthd authenticators does not work for smtp auth:
>
> fixed_login:
>        driver = plaintext
>        public_name = LOGIN
>        server_prompts = UserName:: : Password::
>        #server_prompts = <| Username: | Password:
>        #server_prompts = <; Username: ; Password:
>        #server_prompts = <| Username: ; Password:
>        #server_prompts = <, Username: , Password:
>        server_condition = ${if saslauthd{{$1}{$2}}{1}{0}}
>        server_set_id = $1

>
> plain:
>        driver = plaintext
>        public_name = PLAIN
>        server_condition = ${if saslauthd{{$2}{$3}}{1}{0}}
>        server_set_id = $2

>
> The error is:
> 2004-11-08 09:35:50 plain authenticator failed for ([192.168.9.1])
> [192.168.9.1]: 535 Incorrect authentication data
> (set_id=jack@???)
> 2004-11-08 09:35:50 fixed_login authenticator failed for
> ([192.168.9.1]) [192.168.9.1]: 535 Incorrect authentication data
> (set_id=jack@???)
>
> I have Exim4.43 compiled with saslauthd and cyrus-sasl2.
>
> Thank you for your patience.
>
> Thanks
> Sam
>