Re: [exim] [Fwd: Re: authentication]

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Michael Rouba
Date:  
À: exim-users
Sujet: Re: [exim] [Fwd: Re: authentication]

Michael Rouba schrieb:
> Hello Marco,
> thanks for all your help, it helped .)
>
> Not directly indeed but in the final conclusion it helped.
>
> I now have a /etc/exim4/passwd file with the [user:user:password]
> content. The trick is: cramMD5 uses the 3rd part of the file for
> pasword check while plaintext via tls uses the 2nd part to watch out
> for the userpassword.
>
> Plaintext via TLS still not work on my machine, although i have a cert
> and it is toggled on in the config. Anyway, now i can close the server
> for relaying all nets but not for authenticated users.
>
> Just one, ugly problem left:
> Some email-addresses in the /etc/email-addresses file are written on
> the envelop, and some not. Exampel:
>
> The real domain of the system is "my-domain.com". It has also a
> virtualdomain "virtual-domain.com"
>
> # content of the /etc/email-addresses
> user1: mail@ forgeindomain.com
> user2: mail@???
>
>
> user1 is been perfectly enveloped. Means: The Mails are sent with the
> right "from:"envelop mail@???. It could be even
> mail@??? or anything else.
>
> But using the virtual domains for envelop, does not work. The "from:"
> header is filled with the real-domain of the system.
> mail@???.
>
> Is'nt that strange?

I found in the logs, that the DNS lookup form the smarthost must be
reasonable for it. It looks up the sender Domain (virtual-domain.com)
that points of course to the ip of my root server, who is in reverse
host.my-domain.com. So how can i prevent it? Or better: how can i
ensure, that the senders address is always the account@????
>
>
> -------- Original-Nachricht --------
> Betreff:     Re: [exim] authentication
> Datum:     Mon, 26 Mar 2007 13:47:58 +0200
> Von:     Marco Wessel <marco@???>
> An:     exim-users@???
> Referenzen:     <46059C1E.1080800@???> 
> <BE37A9EE-D74E-4CCB-A62B-D542E5741DC1@???> 
> <4606ABE8.30005@???>

>
>
>
> On Mar 25, 2007, at 7:05 PM, Michael Rouba wrote:
>
> > I have set an Asterix in dc_relay_nets, couse i don't want the clients
> > be authenticated, that was miss understandable how i wrote it, i want
> > the users be authenticated.
> >
>
> I hope that machine isn't internet-connected, because now it's an
> open relay.
>
> > In short: Now the server accepts even mail from clients, when the
> > users
> > are not sending an authentication (login and password). What i
> > want, is
> > the relay permissions by user-authentication, not by host/net
> > ip-authentication.
>
> What, exactly, is the difference between a client and a user? Remove
> the asterisk, make sure dc_relay_nets is empty and make sure that the
> authenticators at the end of the config file aren't commented out.
> Then your server will only accept authenticated clients for relaying.
>
> --
> ## List details at http://www.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
>
>
> --
> Michael Rouba
>
> CSP-Berlin
> Consulting - Systembetreuung - Printmedien
>
> #!/bin/bash
> #
> # Diese Mail wurde Ihnen präsentiert
> # mit freundlicher Unterstützung von
> # Debian GNU/Linux
> #