On Fri, 27 Oct 2006 10:00:25 +0200, Hadron Quark
<hadronquark@???> wrote:
>I have configured exim4 to use smarthost for sending mails. I have,
>succesfully, configured it to use procmail_pipe to intercept local
>destinations - e.g I can "mail" from the Linux command line to
>"root@locahost" and procmail is invoked by exim4 to deliver to my local
>maildirs.
>
>The problem I have is that, using "mail" as opposed to my smtpmail
>package in gnus and thus using exim4, the smarthost authentication is
>failing. It worked twice and then stopped working.
>
>Here is the logline I get:
>
>2006-10-27 09:33:21 1GdMDG-0001tT-D9 ** hadronquark@???
>R=smarthost T=remote_smtp_smarthost: SMTP error from remote mail server
>after MAIL FROM:<hadron@fujitsu> SIZE=1369: host gmail-smtp.l.google.com
>[66.249.93.111]: 530 5.5.1 Authentication Required c1sm157417ugf
That looks like your exim is not trying to authenticate.
http://wiki.debian.org/PkgExim4UserFAQ#head-c1af64f5f8594bec680ed64a199607afb8e1c084
might help here.
>Here is the HowTo I followed, changing the port selected by the client
>to 587 for gmail's smtp servers. I have set up my passwd.client file.
>
>http://www.lexspoon.org/linux/smtp-relay.html
That HOWTO is actually quite bad. A critique of it can be found in
http://wiki.debian.org/PkgExim4UserFAQ#head-143dbe79ffa3848284fbd0b0a2bb78dae3d75a18.
>Possibly something to do with authentication file generated by
>"/usr/share/doc/exim4-base/examples/exim-gencert"
Not at all. A certificate is not needed if all you want to do is
authenticate as a client.
> - should I have even
>run that keeping in mind that I'm not running a receiving smtp server -
>only a client.
It does not hurt, but it is not needed.
>| Next, set up the client to send all outgoing mail via the relay host. Install exim4 and set it to use your relay server as a smarthost. Edit /etc/exim4/passwd.client and put in your username and password, something like:
>|
>| ### CONFDIR/passwd.client
>| #
>| # Format:
>| #targetmailserver.example:login:password
>| #
>| # default entry:
>| ### *:bar:foo
>| *:USERNAME:PASSWORD
That is correct, and the * keeps you from hitting the trap mentioned
in
http://bugs.debian.org/244724 and
http://pkg-exim4.alioth.debian.org/README/exim4-config_files.5.html#/etc/exim4/passwd.client
>| Finally, hack your exim4.conf.template to use port 26 instead of 25. Find the section for remote_smtp_smarthost and add port = 26 to it. In my file it looks like this:
>|
>| remote_smtp_smarthost:
>| debug_print = "T: remote_smtp_smarthost for $local_part@$domain"
>| driver = smtp
>| hosts_try_auth = ${if exists {CONFDIR/passwd.client}{DCsmarthost}{}}
>| tls_tempfail_tryclear = false
>| DEBCONFheaders_rewriteDEBCONF
>| DEBCONFreturn_pathDEBCONF
>| port = 26
>|
>| That should be it. Now mail sent locally will get relayed via port 26 on your relay host.
Please note that your third-party HOWTO gives the bad advice of
delivering to port tcp/26. smtp.google.com only listens on Ports
tcp/25 and tcp/587.
I have just checked: smtp.google.com offers STARTTLS and only
advertises SMTP AUTH after the connection has been encrypted. Thus,
the Debian exim4 should be able to authenticate fine. I have verified
both with swaks and exim4 that authentication works.
The only trap that I can see is that smtp.google.com is a CNAME, so
you'll need to either put an asterisk in your passwd.client line or
explicitly name the reverse DNS name of smtp.google.com, which is
(today) gmail-smtp.l.google.com.
May I ask why you chose to ignore all Debian documentation and instead
went to honor a third-party HOWTO that clearly shows that its author
is not familiar with Debian's exim packages?
Greetings
Marc
--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Mannheim, Germany | Beginning of Wisdom " | http://www.zugschlus.de/
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834
