Re: [exim] NIS Auth not working

Góra strony
Delete this message
Reply to this message
Autor: Phil Pennock
Data:  
Dla: kmb
CC: exim-users
Temat: Re: [exim] NIS Auth not working
On 2008-09-21 at 22:10 -0400, kmb wrote:
> This is all running on a RH ES4 64Bit server
>
> any pointers on what to look for are welcome.


Run a fake SMTP session with debugging, connect and authenticate.

exim -d+auth -bS

For the authentication, the plaintext is sent as a base64 string. If we
ignore all the normalisation to deal with non-ASCII characters then the
string is made up of three components separated by ASCII NUL:

* authorization ID: leave this empty
* authentication ID: the user whose password is given
* password

So for user "phil" with password "fred" you want to send the
base64-encoded form of "\000phil\000fred", or:
perl -MMIME::Base64 -le 'print encode_base64("\000phil\000fred")'
or:
AHBoaWwAZnJlZA==

So after the EHLO response, you'd send:

AUTH PLAIN AHBoaWwAZnJlZA==

which should provide lots of debugging information about what's
happening and why.

In this case, you're lucky that you don't have:
server_advertise_condition = ${if def:tls_cipher}
in your config, but you might want to consider a set-up where the
NIS password doesn't travel across the wire in nothing more than base64
wrapping.

-Phil