On 2011-10-08 at 13:28 +0100, Colin wrote:
> email@???:$1$SgeC%ghWgjwRfksWFAKefgnl432GI74::
>
> (for reference I have made up most of the characters in the password
> string so it is not a valid password)
>
> I have then copied this to a Centos 6 server as /etc/exim/passwd. The
> server is running a fairly standard copy of Exim, but I don't seem to be
> able to get password authentication to work.
>
> I have dug up several guides, but they all seem to talk about using md5
> passwords or PAM into the system accounts. None of these accounts are or
> should be in the normal /etc/passwd.
For PAM, there's a "pam_pwdfile" module:
http://www.cpbotha.net/pam_pwdfile.html
which I've used in the past for software other than Exim. For that,
it's usercode:crypted format, so you'll need to lose the trailing empty
fields.
If you wish to remove PAM, note that Exim's crypteq{}{} expansion
condition will use the system crypt() routine (if the crypted content
does not start with an LDAP-style tag); most modern systems use that $1$
style crypt-tagging syntax for their native crypt() routine. So again,
if you remove those trailing colons, you can do this easily enough.
Then you'd have something like (untested):
auth_plain:
driver = plaintext
public_name = PLAIN
server_advertise_condition = ${if def:tls_cipher}
server_prompts = :
server_condition = ${lookup{$auth2}lsearch{/etc/exim/passwd}\
{${if crypteq{$auth3}{$value}}} {false}}
server_set_id = ${quote:$auth2}
-Phil
