A couple of years ago when I for the very first time tried it, I didn't get
Exim's user authentication working without using a 3rd party piece of
software. Then I found an 'authcheck' program that has been working well so
far. I think the problem was because Exim is running as a non-root user
(which is a must).
So, I'm checking user names against regular user login names and passwords,
not from a separate database.
Now, after upgrading to a newer platform (FC5), I've started getting
messages like this:
authcheck: Deprecated pam_stack module called from service "exim"
Obviously, this is not Exim's fault but of the possibly old-stylish code of
the authcheck utility. Anyway, now I'm wondering which way would be a
correct way to authenticate the users, obviously the method I'm using now
will stop functioning some day.
Currently, my authenticators have the following lines:
# server_condition = "${if pam{$2:$3}{yes}{no}}"
server_condition = ${run{"/usr/exim/bin/authcheck" $2 $3}{yes}{no}}
server_set_id = $2
The commented-out line above is obviously the way I've tried at first, but
it didn't work. 'authcheck' is is an external suid-to-root executable, that
works so far.
I think I've found the authcheck source from
http://www.stormbirds.org/authcheck.cxx
but now the whole site does not work, so I don't know if there is an updated
version.
I'm using Exim 4.60.
How are you others doing this?
--
TiN
