Oh dear.
Thank you all very much for your suggestions, everyone. As it turns out, I'm
chasing the wrong thing. Outlook obviously sends it's auth details in a
different format, as is evidenced by what I can see from the debug logs:
From thunderbird:
15925 Calling gnutls_record_recv(622470, 624660, 4096)
15925 SMTP<< AUTH PLAIN *string*
15925 Running PAM authentication for user "acal030"
15925 PAM success
15925 plain authenticator:
15925 $auth1 =
15925 $auth2 = acal030
15925 $auth3 = *password*
15925 $1 =
15925 $2 = acal030
15925 $3 = *password*
15925 expanded string: true
15925 SMTP>> 235 Authentication succeeded
And when coming from outlook:
15932 Calling gnutls_record_recv(622470, 624440, 4096)
15932 SMTP<< *string*
15932 SMTP>> 334 UGFzc3dvcmQ6
15932 tls_do_write(5de8e0, 18)
15932 gnutls_record_send(SSL, 5de8e0, 18)
15932 outbytes=18
15932 Calling gnutls_record_recv(622470, 624440, 4096)
15932 SMTP<< eXVtNDJ2Nm8=
15932 Running PAM authentication for user "*password*"
15932 PAM error: Error in service module
15932 login authenticator:
15932 $auth1 = acal030
15932 $auth2 = *password*
15932 $1 = acal030
15932 $2 = *password*
15932 expansion failed: Error in service module
15932 SMTP>> 435 Unable to authenticate at present
I assume there is something wrong with the auth definitions in exim.conf...
begin authenticator
plain:
driver = plaintext
public_name = PLAIN
server_prompts = :
server_condition = ${if pam{${extract{1}{@}{${auth2}}}:${sg{$auth3}{:}{::}}}}
server_set_id = $auth2
login:
driver = plaintext public_name = LOGIN
server_prompts = Username:: : Password::
server_condition = ${if pam{${extract{1}{@}{${auth2}}}:${sg{$auth3}{:}{::}}}}
server_set_id = $auth1
Anyone have any suggestions as to how to clean that up, or am I barking up the
wrong tree again?
---
Drew Calcott
Linux System Administrator
Science IT
University of Auckland
(p) +64 9 373 7599 x84269
Chambers, Phil wrote:
>
>> -----Original Message-----
>> From: exim-users-bounces@???
>> [mailto:exim-users-bounces@exim.org] On Behalf Of Drew Calcott
>> Sent: Tue 09 December 2008 01:25
>> To: exim-users@???
>> Subject: [exim] Outlook, Exim and TLS.
>>
>> I'm having a problem on our department mail server with
>> trying to get Outlook
>> 2k3 and 2k7 to send mail with TLS.
>>
>
> I set our exim up with 2k3 and have not had reports of problems with 2k7.
>
> As has already been reported 2k3 takes the SSL option to mean TLS when the port is 25 and SSL on any other port. So, I set up exim to listen on ports 25 and 25, 465 and 587, with the option 'tls_on_connect_ports 465'. (Port 465 is the accepted port for SMTPs.)
>
> You did not mention authenticated SMTP but I believe 2k3 requires LOGIN. I have an authenticator based on section 34.4 in the Exim spec. It contains the following:
>
> login:
> driver = plaintext
> public_name = LOGIN
> server_prompts = Username:: : Password::
> server_condition = ${if .....}
> server_set_id = $1
> server_advertise_condition = ${if .....}
>
> $1 contains the username and $2 contains the password.
>
> You then configure Outlook to use SSL on port 465. Do not tick the SPA option.
>
> Hope this helps,
>
> Phil.
> --------------------
> Phil Chambers
> Postmaster
> University of Exeter
>
