Re: [exim] Authenticate to saslauthd

Top Page
Delete this message
Reply to this message
Author: Daniel Aquino
Date:  
To: exim-users, Daniel Aquino
Subject: Re: [exim] Authenticate to saslauthd
How come when I turn off the advertising, does authentication always pass.

Even though the AUTH command doesn't work cause its not advertised???

Here is my output of smtptest without advertising:

---------------------------------
smtptest -a daniel@??? -v localhost

S: 220 mockingbird.bayshorenetworks.com ESMTP Exim 4.68 Mon, 14 Jan
2008 19:36:18 -0500
C: EHLO example.com
S: 250-mockingbird.bayshorenetworks.com Hello localhost [127.0.0.1]
S: 250-SIZE 52428800
S: 250-PIPELINING
S: 250-STARTTLS
S: 250 HELP
Authenticated.
Security strength factor: 0
C: QUIT
Connection closed.
----------------------------------------------

I mean it's obviously not advertising AUTH PLAIN but yet it says
Authenticated...

Is that just a smtptest oddity ?

On Jan 14, 2008 2:21 AM, Phil Pennock <exim-users@???> wrote:
> On 2008-01-14 at 01:07 -0500, Daniel Aquino wrote:
> > But why wouldn't localhost connections be aloud to get away without
> > tls connects ?
>
> Because you configured it that way.
>
> server_advertise_condition needs to evaluate to true before the
> authentication type is offered. The right-hand-side is a string
> expansion. If you say "1", it's offered. If you say "$tls_cipher must
> have been defined", then it's only advertised if TLS security is in
> place.
>
> If a connection from localhost is sufficient, then try:
>
>   server_advertise_condition = ${if or{\
>         {match_ip{$sender_host_address}{@[]}}\
>         {def:tls_cipher}}}

>
> So either the IP address which the connection is coming from needs to be
> one of the IP addresses of the host itself or $tls_cipher must have been
> defined.
>
> -Phil
>