On Sat, Sep 8, 2012 at 12:59 PM, F. Mendez <fmendez73@???> wrote:
> Thanks Phil, already tried it but didn't worked.
>
> Any other possible solutions? At least to have it with TLS and no openrelay
> and user/pass combo?
Those are two separate things:
1) TLS means that it will use encryption. There are typically two
types: STARTTLS (where you connect with plain text and then switch to
encryption when the STARTTLS command is sent) and TLS on connect
(where the connection is assumed to be an encrypted connection from
the beginning). Typically port 25 and 587 are for STARTTLS and port
465 is used for TLS on connect (though port 465 seems to always be
used here, it's not an official standard).
2) user/pass is done via a variety of methods: PLAIN, LOGIN (both
plain text and the password can be stored on the server in an
encrypted form), and the CRAM and SASL formats (both require the plain
text password to be stored on the server because it's used as part of
the negotiation back to the client).
It's not entirely clear which (or both) you consider the bigger
problem to work on. I'll completely ignore the STARTTLS issue right
now and focus on the authentication failing.
It would be most helpful for us if you can simulate a connection.
First, do a little prep work using a known username and password (that
should work):
$ printf 'user\0user\0pass' | mimencode
dXNlcgB1c2VyAHBhc3M=
(You might need to add a "-d" to the command below and it will spit
out copious amounts of debugging information.)
Use the value above in the command sequence below:
exim -bh some.ip.addr.ess
EHLO some.host.name
AUTH PLAIN dXNlcgB1c2VyAHBhc3M=
It would normally respond with a success, but in your case, it will
fail. What's important is all the things that it does after you press
enter will tell us what it is doing and possibly indicate what is
going wrong.
The above info came from
http://enc.com.au/2005/03/postfixmysql/. It
also describes how to do AUTH LOGIN because you may accidentally have
one working but not the other.
Finally, post your exim.conf here (obfuscate any passwords) so we can
see if there is something obvious.
...Todd
--
The total budget at all receivers for solving senders' problems is $0.
If you want them to accept your mail and manage it the way you want,
send it the way the spec says to. --John Levine
