Re: [exim] Help Need!! Totally Lost in SMTP plain/login/tls…

Author: Phil Pennock
Date:
To: F. Mendez
CC: exim-users
Subject: Re: [exim] Help Need!! Totally Lost in SMTP plain/login/tls/md5-cram connection..
On 2012-09-07 at 23:20 -0500, F. Mendez wrote:
> I’ve tried ALL wiki and document help from exim.org and can’t make smtp login to work. I’ve tried plain text, login. And nothing. I’ve already installed cyrus-imap & cyrus-sasl, cyrus-md5, cyrus-sasl-plain....and nothing.
>
> I really really need the help of you guys.
>
> If ANYONE may be gentle to help to have exim 4.80 with the following working: plain text, login, cram-md5, cram-sh1 and TLS for POP, IMAP and SMTP. I would be really thankful.


I have Cyrus storing authentication data in /usr/local/etc/sasldb2; the
daemons for authentication with Cyrus don't help, because they don't
provide the plaintext password, which is needed for the cram-* methods.

So I use a filesystem ACL (man getfacl(1), setfacl(1)) to grant
user:exim:r-- access to the sasldb2 file, so that the Exim runtime user
can access the file too.

Then in the Exim configuration file (given with "exim --version"), after
the "begin authenticators" line (and before the next "begin" line):

auth_digest_md5:
  driver           = cyrus_sasl
  public_name      = DIGEST-MD5
  server_hostname  = smtp.spodhuis.org
# need the realm used after @ in the sasldb2 file:
  server_realm     = imap.spodhuis.org
  server_advertise_condition = ${if and{\
          {!def:authenticated_id}\
          {forany{465:587}{=={$received_port}{$item}}}\
          {def:tls_cipher}\
          } {yes}{no}}


You can repeat that, with a different public_name (and authenticator
_name_) for other auth methods.

That gets Exim; for POP3 and IMAP, you need to configure Cyrus IMAPd; in
imapd.conf:
  servername:             imap.spodhuis.org
  sasl_pwcheck_method:    auxprop
  sasl_auxprop_plugin:    sasldb


So I think (but it's been years since I set it up) the same servername
from imapd.conf is what you will need to set as the server_realm in
Exim, because it's used in the keys for storing data in sasldb2.

-Phil
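
Added example, not part of the original message and not Exim or Cyrus code: a minimal CRAM-MD5 exchange (RFC 2195) showing why the server must hold the plaintext secret, and why a lookup under the wrong realm fails. The `SASLDB` dictionary is a simplified, assumed stand-in for sasldb2, and the user, password, nonce and hostnames are constructed.

```python
import base64
import hashlib
import hmac

# Constructed stand-in for sasldb2 (assumption): one plaintext secret per
# (user, realm). Holding the plaintext is what makes CRAM-MD5 verifiable.
SASLDB = {("alice", "imap.example.org"): b"correct horse"}


def make_challenge(nonce: str, hostname: str) -> bytes:
    """Server side: base64 challenge sent in reply to 'AUTH CRAM-MD5'."""
    return base64.b64encode(f"<{nonce}@{hostname}>".encode())


def client_response(user: str, password: bytes, challenge_b64: bytes) -> bytes:
    """Client side: base64 of 'user <hex HMAC-MD5(key=password, msg=challenge)>'."""
    challenge = base64.b64decode(challenge_b64)
    digest = hmac.new(password, challenge, hashlib.md5).hexdigest()
    return base64.b64encode(f"{user} {digest}".encode())


def _matches(key: bytes, response_b64: bytes, challenge_b64: bytes) -> bool:
    """Recompute the HMAC with `key` and compare in constant time."""
    _, _, digest = base64.b64decode(response_b64).decode().rpartition(" ")
    challenge = base64.b64decode(challenge_b64)
    expected = hmac.new(key, challenge, hashlib.md5).hexdigest()
    return hmac.compare_digest(expected.encode(), digest.encode())


def server_verify(response_b64: bytes, challenge_b64: bytes, realm: str) -> bool:
    """Server side: look up the plaintext secret by (user, realm), then verify."""
    user = base64.b64decode(response_b64).decode().rpartition(" ")[0]
    secret = SASLDB.get((user, realm))
    if secret is None:  # unknown user, or realm differs from the stored key
        return False
    return _matches(secret, response_b64, challenge_b64)


def verify_with_hash_only(response_b64: bytes, challenge_b64: bytes, stored_hash: bytes) -> bool:
    """A backend that only keeps a password hash has no usable HMAC key."""
    return _matches(stored_hash, response_b64, challenge_b64)


if __name__ == "__main__":
    ch = make_challenge("1896.697170952", "smtp.example.org")
    resp = client_response("alice", b"correct horse", ch)
    print("plaintext, right realm:", server_verify(resp, ch, "imap.example.org"))
    print("plaintext, wrong realm:", server_verify(resp, ch, "smtp.example.org"))
    hashed = hashlib.sha256(b"correct horse").digest()
    print("hash-only backend:     ", verify_with_hash_only(resp, ch, hashed))
```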