Re: [exim] CRAM-MD5 and NTLM suddenly stopped working

Pàgina inicial
Delete this message
Reply to this message
Autor: Jakob Hirsch
Data:  
A: 'Exim-users'
Assumpte: Re: [exim] CRAM-MD5 and NTLM suddenly stopped working
Noah Meyerhans wrote:

>   spa:
>     driver = spa
>     public_name = NTLM
>     server_password = ${lookup{$1}dbmnz{/etc/exim/passwd}}


Anyone with an arbitrary username and empty password can send mails
through your server (in case you don't believe it, look into your logs).
This should really be "${lookup{$1}dbmnz{/etc/exim/passwd}{$value}fail}"
like in the cram-md5 authenticator.
I know it is still that way in the spec. Hopefully someone changes it soon.

Besides that, it looks ok and works here that way. I'm using lsearch
instead of dbmnz, though. You are sure you ran exim_dbmbuild with the
-nozero option the last time you updated passwd?

>  4253 lookup yielded: <my_password>
>  4253 CRAM-MD5: user name = noahm
>  4253           challenge = <4253.1122936460@???>
>  4253           received  = a2f19773f6bed6fd8fb93cca29b12c30
>  4253           digest    = f4dadcdd3b8b41c8ebe7553f047a1889


Please put a temporary entry in passwd, try to authenticate and post the
output here, so we can see which one is wrong here.