I need to do recipient verification against a remote Cyrus LMTP server.
However, Exim never tries to authenticate as client during the callout.
Is this completely impossible or have I only missed some config options
that enable callouts with AUTH?
Here are some snippets of my configuration:
# ACL #
acl_rcpt_to:
deny !verify = recipient/callout=10s,no_cache
# Router #
loc_delivery:
driver = accept
transport = cyrus_lmtp
# Transport #
cyrus_lmtp:
driver = smtp
protocol = lmtp
hosts = imap.example.com
hosts_require_auth = *
# Authenticator #
client_cram:
driver = cram_md5
public_name = CRAM-MD5
client_name = xxxxxx
client_secret = yyyyyyy
And this is the output from "exim -bhc 127.0.0.1"
>>> processing "deny"
>>> check !verify = recipient/callout=10s,no_cache
>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
>>> routing holger@???
>>> calling loc_delivery router
>>> routed by loc_delivery router
>>> fully qualified name = imap.example.com
>>> gethostbyname2 looked up these IP addresses:
>>> name=imap.example.com address=10.0.2.5
>>> Attempting full verification using callout
>>> callout cache: disabled by no_cache
>>> interface=NULL port=24
>>> Connecting to imap.example.com [10.0.2.5]:24 ... connected
>>> SMTP<< 220 imap.example.com LMTP Cyrus v2.3.7 ready
>>> SMTP>> LHLO mx1.example.com
>>> SMTP<< 250-imap.example.com
>>> 250-8BITMIME
>>> 250-ENHANCEDSTATUSCODES
>>> 250-PIPELINING
>>> 250-SIZE
>>> 250-AUTH LOGIN CRAM-MD5 DIGEST-MD5 PLAIN
>>> 250 IGNOREQUOTA
>>> SMTP>> MAIL FROM:<>
>>> SMTP<< 430 Authentication required
>>> SMTP>> QUIT
>>> ----------- end verify ------------
>>> deny: condition test deferred
451 Could not complete recipient verify callout
LOG: H=localhost [127.0.0.1] F=<> temporarily rejected RCPT
holger@???: response to "MAIL FROM:<>" from imap.example.com
[10.0.2.5] was: 430 Authentication required