Re: [exim] SMTP authentication with Courier userdb

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Juha Saarinen
Dátum:  
Címzett: Wayne Pascoe
CC: exim-users
Tárgy: Re: [exim] SMTP authentication with Courier userdb
On 7/11/06, Wayne Pascoe <exim@???> wrote:
>
> Hi all,
>
> I'm re-looking at this setup I am migrating, and I'm wondering if
> another option would work... That's exim authenticating against
> courier's userdb.
>
> I'm already using courier userdb to authenticate for imap, but if I
> could find a way to have exim authenticate against this for SMTP as
> well, that would solve having to allow the exim user read access to
> my shadow file.
>
> Any pointers would be much appreciated!
>
>


This SMTP AUTH setup works for me:

######################################################################
#                   AUTHENTICATION CONFIGURATION                     #
######################################################################


# There are no authenticator specifications in this default configuration
file.

begin authenticators
# Authenticator for UNIX clients
plain:
        driver = plaintext
        public_name = PLAIN
        server_condition = ${if eq
{${readsocket{/var/run/authdaemond/socket}\
        {AUTH
${strlen:exim\nlogin\n$2\n$3\n}\nexim\nlogin\n$2\n$3\n}}}{FAIL\n} {no}{yes}}
        server_set_id = $2


# Windaz Auth
login:
        driver = plaintext
        public_name = LOGIN
        server_prompts = Username:: : Password::
        server_condition = ${if eq
{${readsocket{/var/run/authdaemond/socket} \
        {AUTH
${strlen:exim\nlogin\n$1\n$2\n}\nexim\nlogin\n$1\n$2\n}}}{FAIL\n} {no}{yes}}
        server_set_id = $1


# End of Exim configuration file

Not specifically userdb, but courier-authlib which I think does what you're
asking for. Very typo-prone though, so be careful. Also make sure your Exim
user has the appropriate rights to the authdaemond socket, and be aware that
the authentication can be a bit slow with some clients, like Thunderbird,
whereas Outlook just zooms through the whole process... not sure why this
is.


--

Juha
www.geekzone.co.nz/juha