For all intents and purposes, I used the recipe at
http://wiki.exim.org/AuthenticatedSmtpUsingMysql to create an SMTP-Auth
Exim server that uses MySQL to authenticate with a remote database, but I
also have my Exim configuration below.
The problem is that some versions (but not all!) of Outlook and Outlook
express are not able to authenticate. On the surface, I have one version
of OE that works (6.00.2900.2180), and another computer running the exact
same version that doesn't. All their settings are the same. They're both
behind the same NAT router, so both computers have the same public IP
address. On this LAN I also have Evolution 2.28.1 that authenticates just
fine for outgoing mail. Some of our customers complain that they can't
authenticate either, but when I check our logs, I can see other customers
who authenticate without any issues.
When a user who can't authenticate makes the attempt, I get exim
rejectlogs like this:
2010-02-22 12:15:53 login authenticator failed for XXX.cipherkey.net
(i5e7f2e9ef8314) [209.205.XXX.XXX]: 535 Incorrect authentication data
(set_id=USERNAME)
The set_id=USERNAME is correct for that username, so I'm certain that
Outlook Express is encrypting the Username and Password correctly in
Base64. There is no extraneous whitespace.
The kicker for me though, is that when I try to use my own login name and
password manually, first by encrypting the username/password at
http://www.opinionatedgeek.com/DotNet/Tools/Base64Encode/Default.aspx then
doing the following through telnet, it also fails:
ehlo HOSTNAME
250-localhost.localdomain Hello HOSTNAME [206.12.XX.XX]
250-SIZE 52428800
250-PIPELINING
250-AUTH PLAIN LOGIN
250 HELP
auth login
334 VXNlcm5hbWU6
ENCUSER
334 UGFzc3dvcmQ6
ENCPASS
535 Incorrect authentication data
So I'm at a loss as to what's wrong here. My understanding is that the
Outlook family uses AUTH LOGIN, so this should work. Or Outlook Express
should always fail.
Here's my Exim configuration that's relevant to SMTP-Auth:
plain:
driver = plaintext
public_name = PLAIN
server_prompts = :
server_condition = "${if and { \
{!eq{$2}{}} \
{!eq{$3}{}} \
{crypteq{$3}{${lookup mysql{SELECT password FROM mailbox WHERE
username='${quote_mysql:$2}' }{$
value}fail}} }} {yes}{no}}"
server_set_id = $2
login:
driver = plaintext
public_name = LOGIN
server_prompts = "Username:: : Password::"
server_condition = "${if and { \
{!eq{$2}{}} \
{!eq{$3}{}} \
{crypteq{$3}{${lookup mysql{SELECT password FROM mailbox WHERE
username='${quote_mysql:$2}' }{$
value}fail}} }} {yes}{no}}"
server_set_id = $1