[exim] authentication against SASL

Top Page
Delete this message
Reply to this message
Author: Johannes Nohl
Date:  
To: exim-users
Subject: [exim] authentication against SASL
Dear list,

I'm trying to configure Exim version 4.69 on OpenSuse 10.3 to
authenticate against cyrus SASL2. SASL works well.

# testsaslauthd -u user -p password -f /var/run/sasl2/mux

returns: 0: OK "Success."

According to http://wiki.exim.org/AuthenticatedSmtpUsingSaslauthd I
added to exim.conf:

# ACL

  accept  authenticated = *
          control       = submission



# AUTHENTICATION CONFIGURATION

plain:
driver = plaintext
public_name = PLAIN
server_set_id = $2
server_condition = ${if saslauthd{{$2}{$3}}{1}{0}}
server_advertise_condition = true

login:
driver = plaintext
public_name = LOGIN
server_prompts = "Username:: : Password::"
server_condition = ${if saslauthd{{$1}{$2}}{1}{0}}
server_set_id = $1
server_advertise_condition = true

I don't know how to ask exim what's the path of the compiled in sasl
socket. But looking inside the exim binary I found /var/run/sasl2/mux.
That makes me thinking that sasl support and the right socket is
compiled in.

Using the user and password of testsaslauthd above I can't send mails.
Thunderbird asks for user and pass but giving the right values sending
fails. The logs say:

# tail /var/log/exim/reject.log:
2008-03-14 13:30:32 plain authenticator failed for ([192.168.xx.xx])
[91.xx.xx.xx]: 535 Incorrect authentication data

No entry in panic.log.

# tail /var/log/exim/mail.log:
2008-03-14 13:46:14 no host name found for IP address 91.xx.xx.x
2008-03-14 13:46:17 plain authenticator failed for ([192.168.xx.xx])
[91.xx.xx.xx]: 535 Incorrect authentication data

I don't know where to look now. Is the server_condition right? exim
doc in packages recommends

server_condition = ${if saslauthd{{$auth1}{$auth2}}}

What is right? $auth1 or $1??

Thanks for your help!