Re: [exim] Current solutions for smtp auth via pam

Top Page
Delete this message
Reply to this message
Author: Paul Dekkers
Date:  
To: Jochen Gensch
CC: exim-users
Subject: Re: [exim] Current solutions for smtp auth via pam
Hi,

Jochen Gensch wrote:
> I decided to switch to system users, since this is a small server here
> and though easier to maintain. You can imagine what I ran into, the pam
> auth issue. From what I have learned so far, Exim cannot authenticate
> against pam, because it runs (per default) as a non root user and these
> are not allowed to access pam auth modules. After reading up on this on
> the internet no simple solutions (except runnning exim as root) has
> showed up, yet. I would like to use the pam_exim module mentioned in the
> FAQ, but I can't compile it on my FreeBSD 6.0 system :-(. Are there any
> solutions to this at this point of time?
>


As others suggested you could try sasl (especially if you need it
anyway). (If you're using the FreeBSD ports for exim you'll find sasl is
not included by default. And even after including it I had the same
errors about a facility.)

While having the same problems I stumbled upon a different pam module,
that doesn't need to run as root: pam_pop3 (it's in the ports). I'm
using that now: since everybody I'd like to authenticate for smtp has an
imap/pop3-account... then I let that server handle the authentication.
Apart from the exim config I only need a /etc/pam.d/exim:
auth            required        /usr/local/lib/pam_pop3.so     
hostname=localhost info


Sasl would have been better for me, since I need it anyway for Cyrus,
but well... this was a quick fix at the time.

Paul