I guess I am confused on one thing if I use the system accounts for
authentication.
If I set the permissions correctly and assigned permission for
/etc/shadow for the group that exim is in, updated exim.conf to use
authentication...what would cause it to keep asking for the email client
to ask for a password (and not accept that password) when I attempt to
send an email?
To my knowledge I followed the documentation to a 't'. Now I should
ask...do I replace what is under the authentication area or do I add to it?
Thanks
Kevin
Heiko Schlittermann wrote:
> Kevin Davidson <davidscom@???> (Fr 20 Mär 2009 17:04:45 CET):
>
>> Hi Heiko,
>>
>> Yes, it was my email client repeatedly asking for the password.
>>
>> It's not related to Apache that I know of...just threw that in there in
>> case it could be relevant.
>>
>> Are you suggesting to maintain a second password file, and if so, how is
>> that maintained when a new email account is set up. This being the
>> preferred method. If that is the case how do I remove the exim user
>> group from /etc/shadow....and what were the original file permissions
>> for /etc/shadow?
>>
>
> In deed, using system accounts for authentication is not the best idea.
>
> (The /etc/shadow is group owned by "shadow" - on many systems, but
> your's may differ. You should find a reference system and check there.
> May by you can peek at /etc/gshadow.)
>
> If you do not use the system passwords, you're free to do anything you
> want, from plain text password files (containing clear text or crypted
> passwords) to database or LDAP lookups...
>
> A good starting point is the exim documentation (spec.txt), about
> section 34.3 (The PLAIN authentication). There you might replace "dbm"
> with "lsearch" if you want to use plain password files (name:password).
>
> Sorry for not sending a cook book example, but the spec is full of such
> examples and I understood that you're about to learn(!) about exim. :)
>
> Best regards from Dresden/Germany
> Viele Grüße aus Dresden
> Heiko Schlittermann
>
> ------------------------------------------------------------------------
>
>
> No virus found in this incoming message.
> Checked by AVG - www.avg.com
> Version: 8.0.238 / Virus Database: 270.11.21/2014 - Release Date: 03/20/09 06:59:00
>
>