Re: [exim] Why doesn't Exim authenticate against IMAP direct…

Top Page
Delete this message
Reply to this message
Author: Marc Perkel
Date:  
To: exim-users
Subject: Re: [exim] Why doesn't Exim authenticate against IMAP directly?
Lanny - thanks for your help. How would you do this with an SSL connection?

Lanny Jason Godsey wrote:

>If you're going to go through the trouble of making an IMAP
>authenticator, maybe this will give you some help.
>
>First, the reason I think it's a bad idea is that it adds complexity,
>and isn't a standard practice.
>
>That said, I'd look into setting up perdition to use as a IMAP proxy
>which has it's own rules for which backend server to send requests for
>authentication. Perdition will also auto append, strip domains etc.
>
>Second, I'd use the power of Exim's embedded perl and make something
>with Imap::Simple
>
>perl_startup = do '/etc/exim/perl.pl'
>
>*** contents of /etc/exim/perl.pl ***
>#!/usr/bin/perl
>
>use Net::IMAP::Simple;
>
>sub imapLogin {
>    my $account = shift;
>    my $password = shift;

>
>    # open a connection to the IMAP server
>    my $server = new Net::IMAP::Simple( '127.0.0.1' ); # run Perdition
>on localhost.

>
>    # login, if success return 1 (true?) and 0 (false?)
>    if ($server->login( $account, $password )) {
>       return 1;
>    } else {
>       return 0;
>    }

>
>    $server->close();

>
>}
>
>*** end perl.pl ***
>
>then for authenticators something like:
>
>login:
> driver = plaintext
> public_name = LOGIN
> server_prompts = "Username:: : Password::"
> server_condition = "${if ${perl imapLogin{{$1}{$2}} {1}}}"
> server_set_id = $1
>
>Now, I'm not a perl monk or exim wizard, but I think the general idea
>is sound.
>
>I hope someone with more knowledge will reply to this and give any
>pointers just so the mail archive is complete.
>
>--- Marc Perkel <marc@???> wrote:
>
>
>
>>Maybe I'm missing something about why this won't work but it seems to
>>me
>>like it would be a good feature.
>>
>>I am currently using Cyrus SASL to do Exim SMTP athentication. It's
>>configured to do an IMAP call so anyone who has an IMAP account can
>>use
>>their IMAP login name and password to send email through Exim.
>>
>>So - why use SASL? Why not have Exim talk directly to the IMAP port
>>and
>>attempt to authenticate? If is succeeds then it lets the user send
>>email. Seems simple enough - so why wouldn't this be as easy as I
>>think
>>it is?
>>
>>
>>--
>>## List details at http://www.exim.org/mailman/listinfo/exim-users
>>## Exim details at http://www.exim.org/
>>## Please use the Wiki with this list - http://www.exim.org/eximwiki/
>>
>>
>>
>
>
>
>


--
Marc Perkel - marc@???

Spam Filter: http://www.junkemailfilter.com
    My Blog: http://marc.perkel.com