Re: [exim] Need Help to Solve security hole

Pàgina inicial
Delete this message
Reply to this message
Autor: Tony Finch
Data:  
A: Sergio Basurto Juarez
CC: exim-users
Assumpte: Re: [exim] Need Help to Solve security hole
On Tue, 21 Jun 2005, Sergio Basurto Juarez wrote:
>
> I understand that leave SMTP without an auth method is a security hole,
> so I should reinstall the complete server because even if I deinstall
> exim and reinstall it, it goes on sending a lot of stuff.


You only need to configure Exim correctly so that it isn't an open relay.
Reinstalling won't help.

> Righ now I have totaly configured my server with Debian, and I still
> want to use exim as my MTA, the question is how can I configure cram-md5
> and force exim to always ask for auth.


You should read the chapters in the documentation that describe
authentication, starting with chapter 33.
http://www.exim.org/exim-html-4.50/doc/html/spec_33.html#CHAP33

Tony.
--
<fanf@???> <dot@???> http://dotat.at/ ${sg{\N${sg{\
N\}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}\
\N}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}