Noah Meyerhans wrote:
> spa:
> driver = spa
> public_name = NTLM
> server_password = ${lookup{$1}dbmnz{/etc/exim/passwd}}
Anyone with an arbitrary username and empty password can send mails
through your server (in case you don't believe it, look into your logs).
This should really be "${lookup{$1}dbmnz{/etc/exim/passwd}{$value}fail}"
like in the cram-md5 authenticator.
I know it is still that way in the spec. Hopefully someone changes it soon.
Besides that, it looks ok and works here that way. I'm using lsearch
instead of dbmnz, though. You are sure you ran exim_dbmbuild with the
-nozero option the last time you updated passwd?
> 4253 lookup yielded: <my_password>
> 4253 CRAM-MD5: user name = noahm
> 4253 challenge = <4253.1122936460@???>
> 4253 received = a2f19773f6bed6fd8fb93cca29b12c30
> 4253 digest = f4dadcdd3b8b41c8ebe7553f047a1889
Please put a temporary entry in passwd, try to authenticate and post the
output here, so we can see which one is wrong here.
