Re: [exim] gmail with exim

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Mike Cardwell
Datum:  
To: Exim Mailing List
Betreff: Re: [exim] gmail with exim
Nigel Metheringham wrote:

>> I've found similar config for a single user relay. But how do I relay
>> through gmail with multiple gmail accounts
>
> This is going to be difficult because gmail requires authentication,
> and will rewrite the sender if the authenticated user does not have
> the sender as one of their registered email addresses.
>
> So to do this you need a full set of usernames *AND* passwords for
> your users to authenticate to gmail. Thats really not good for many
> reasons.


Hmmm ... You know, you could do some *evil* stuff here. Say I had an
account on their server:

Username: mike
Password: foobar

And say I wanted to relay through the gmail account:

Username: mike@???
Password: wibble

If I authenticated against the Exim box with something like:

Username: mike+mike@???
Password: foobar+wibble

Then in the server part of the authenticator I could strip out "mike"
and "foobar" from auth1 and auth2, to do the authentication, and then
store "mike@???" and "wibble" using server_set_id. Then when it
came round to doing the client authentication it could use those values
that were stored during the initial client->exim delivery.

Of course, which character you use to separate the two usernames and two
passwords would depend on the environment. "+" may not be suitable.

Example (Completely untested):

PLAIN:
   driver             = plaintext
   server_set_id      = username=${sg{$auth2}{\N^.+?\+(.+)\N}{\$1}}\n\
                        password=${sg{$auth3}{\N^.+?\+(.+)\N}{\$1}}
   server_prompts     = :
   server_condition   = ${if pam{\
                           ${sg{$auth2}{\N^(.+?)\+.+\N}{\$1}}\
                           :\
                           ${sg{$auth3}{\N^(.+?)\+.+\N}{\$1}}\
                        }{1}{0}}
   client_send        = ^${extract{username}{$authenticated_id}}\
                        ^${extract{password}{$authenticated_id}}


Mike