Re: [exim] Authentication on port 587 and 25

Author: Rick Boucher
Date:
To: exim-users
Subject: Re: [exim] Authentication on port 587 and 25

On Jun 18, 2010, at 11:44 AM, Odhiambo Washington wrote:

>
>
> On Fri, Jun 18, 2010 at 9:28 PM, Rick Boucher <rboucher@???> wrote:
> I have authentication working on port 465.
>
> How can I get it working on port 587 and 25?
>
>
> Why did you limit it to port 465? Just change the rule that causes the limitation and also make sure you do not force every host to authenticate if you are accepting external mail.
>
>
> --
> Best regards,
> Odhiambo WASHINGTON,
> Nairobi,KE
> +254733744121/+254722743223


I did not mean to limit authentication to port 465. I just don't know what rule to change to get authentication on port 587.

As I understand it (and by all means correct me please) tls deals with the authentication and ssl deals with the certificate. I want my users to be able to authenticate while traveling but not have to use a certificate.

From my exim.conf
-------------------------------------------------------
# Allow any client to use TLS.
tls_advertise_hosts = *
tls_try_verify_hosts = *


daemon_smtp_ports = 25 : 465 : 587
tls_on_connect_ports = 465

tls_verify_certificates = /etc/exim/certs/cacert.pem
tls_certificate = /etc/exim/certs/my.crt
tls_privatekey = /etc/exim/certs/mycert.key
log_selector = +tls_peerdn


received_header_text = "Received: \
    ${if def:sender_rcvhost {from ${sender_rcvhost}\n\t}\
    {${if def:sender_ident {from ${sender_ident} }}\
    ${if def:sender_helo_name {(helo=${sender_helo_name})\n\t}}}}\
    by ${primary_hostname} \
    ${if def:received_protocol {with ${received_protocol}}} \
    ${if def:tls_cipher {($tls_cipher)\n\t}}\
    ${if def:tls_peerdn {($tls_peerdn)(verified=$tls_certificate_verified)\n\t}} \
    (Exim ${version_number} #${compile_number})\n\t\
    id ${message_id}\
    ${if def:received_for {\n\tfor $received_for}}"



auth_advertise_hosts = ${if eq {$tls_cipher}{}{}{*}}

acl_check_rcpt:

# Added by Rick
accept hosts = :

  deny    local_parts   = ^.*[@%!/|] : ^\\.


  accept  local_parts   = postmaster
          domains       = +local_domains


  accept  hosts         = +relay_from_hosts


accept authenticated = *

  warn  log_message = verified peer dn $tls_peerdn
        condition = $tls_certificate_verified


accept condition = $tls_certificate_verified

#End add by Rick


-------------------------------------------------------

I can send via 25 and 587 just fine if I don't try to authenticate. To authenticate I have to use 465 and ssl.

So what do I need to change?

Rick
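
Added example, not part of the original message: in the configuration above, `auth_advertise_hosts = ${if eq {$tls_cipher}{}{}{*}}` expands to `*` only once a TLS cipher is in use, so Exim advertises AUTH straight away on 465 (`tls_on_connect_ports`) and on 25/587 only in the EHLO sent after STARTTLS. The Python check below classifies where AUTH becomes visible, from captured EHLO replies or from a live probe of a server you operate. The host name `mail.example.test`, the mechanisms `PLAIN LOGIN`, the sample replies and the result labels are constructed for illustration.

```python
import re
import smtplib

def auth_mechs(ehlo_reply):
    """AUTH mechanisms advertised in an EHLO reply (raw '250-' lines or bare keywords)."""
    mechs = set()
    for line in ehlo_reply.splitlines():
        body = re.sub(r"^250[ -]", "", line.strip())
        m = re.match(r"(?i)AUTH[ =](.*)", body)  # "AUTH PLAIN LOGIN" or legacy "AUTH=PLAIN"
        if m:
            mechs.update(m.group(1).upper().split())
    return sorted(mechs)

def offers_starttls(ehlo_reply):
    """True if the reply lists the STARTTLS extension."""
    return any(re.sub(r"^250[ -]", "", l.strip()).upper() == "STARTTLS"
               for l in ehlo_reply.splitlines())

def classify(first_ehlo, after_starttls=None, implicit_tls=False):
    """Say at which point in the session AUTH becomes available to the client."""
    if auth_mechs(first_ehlo):
        return "auth-over-implicit-tls" if implicit_tls else "auth-in-cleartext"
    if after_starttls is not None and auth_mechs(after_starttls):
        return "auth-after-starttls"
    if offers_starttls(first_ehlo) and after_starttls is None:
        return "starttls-not-attempted"
    return "no-auth"

def probe(host, port, implicit_tls=False, timeout=10):
    """Live variant of the same check; needs network access to the server."""
    cls = smtplib.SMTP_SSL if implicit_tls else smtplib.SMTP
    with cls(host, port, timeout=timeout) as s:
        s.ehlo()
        first, second = s.ehlo_resp.decode(), None
        if not implicit_tls and s.has_extn("starttls"):
            s.starttls()
            s.ehlo()  # extensions must be re-read after STARTTLS
            second = s.ehlo_resp.decode()
        return classify(first, second, implicit_tls)

# Constructed replies, shaped like what the configuration above yields on port 587.
PLAIN_587 = ("250-mail.example.test Hello client\n250-SIZE 52428800\n"
             "250-PIPELINING\n250-STARTTLS\n250 HELP")
TLS_587 = ("250-mail.example.test Hello client\n250-SIZE 52428800\n"
           "250-PIPELINING\n250-AUTH PLAIN LOGIN\n250 HELP")
```

A result of `starttls-not-attempted` on 25 or 587 means the client never issued STARTTLS and therefore never saw AUTH; `auth-in-cleartext` would mean credentials can be sent unencrypted.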