I've "solved" the problem by telling exim to use ldap directly. I
replaced the LOGIN server by:
#login_server:
# driver = plaintext
# public_name = LOGIN
# server_prompts = "Username:: : Password::"
# server_condition = ${if pam{$auth2:${sg{$auth3}{:}{::}}
}{true}{false}}
# server_advertise_condition = ${if eq{$tls_cipher}{}{false}{true}}
# server_set_id = $auth1
login_server:
driver = plaintext
public_name = LOGIN
server_prompts = Username:: : Password::
server_condition = ${if and{{ \
!eq{}{$auth1} }{ \
ldapauth{\
user="uid=${quote_ldap_dn:$auth1},ou=people,dc=seiner,dc=lan" \
pass=${quote:$auth2} \
ldap://eluonhea1.seiner.lan/} }} }
server_set_id = $auth1
I still have no idea why this was happening but this "solution" seems to
work for all users. The PLAIN server checks using pam and if that fails
it falls through to the LDAP check.
However, pam is set up to authenticate against ldap, so I don't know why
in this particular case that one user was singled out.
I'd feel better knowing why pam+exim would fail to authenticate one
particular user for no apparent reason.
> we have a number of servers, all under CentOS
> I've have the same problem, from time to time, with only one of the
> servers,
> the difference I can see it that it is 64 bit compared to all of the
> others
> that are 32 bit.
>
> Unfortunately up to now we've not yet found the source of the problem
> (most probably the interaction between components).
>
> We did direct tests during time,
> - customer pc gives error
> - other pc at customer site, ok
> - other pc at our location, ok
> - customer pc, on another server, with same account, ok
>
> Problems happened only a very few times and up to now we dealed with it by
> moving customers to another server.
>
> I don't know if this could be your case, but in case it is and you solve
> it
> I'll be interested in the thing.
>
> Flaviano
>
>
>
>
> -----Messaggio originale-----
> Da: exim-users-bounces+info=swwork.it@???
> [mailto:exim-users-bounces+info=swwork.it@exim.org] Per conto di yan
> Inviato: sabato 2 novembre 2013 23:08
> A: exim-users@???
> Oggetto: [exim] One user can't authenticate
>
> I have one user who can't send email. She can receive it via dovecot,
> she can log in, but exim refuses to accept her credentials.
>
> From Mozilla Thuderbird:
> 2013-11-02 14:48:09 plain_server authenticator failed for
> mail.seiner.com [192.168.128.2]: 535 Incorrect authentication data
> (set_id=noriko)
>
> From android phone:
> 2013-11-02 14:53:45 plain_server authenticator failed for
> android-f16cd01f484477db.seiner.lan (infraware.co.kr) [192.168.128.131]:
> 535 Incorrect authentication data (set_id=noriko)
> 2013-11-02 14:53:58 TLS error on connection from
> android-f16cd01f484477db.seiner.lan (infraware.co.kr) [192.168.128.131]
> (send): The specified session has been invalidated for some reason.
>
> I am stumped; all other users work fine, and I can't find anything that
> is unusual about her account.
>
> It's not an MUA issue as it happens from both an android phone and a
> desktop.
>
> Where can I look? AFAIK exim uses the standard linux authentication,
> and this user can log in, retrieve emails from dovecot, but can't send
> through exim. :headscratch:
>
>
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
>
>
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
>
> !DSPAM:52766c63233411128611471!
>
>
