Re: [exim] Exim4 + fixed_cram

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Wolfgang Breyha
Date:  
À: exim-users
Sujet: Re: [exim] Exim4 + fixed_cram
On 21/01/14 12:37, basti wrote:
> I have installed Exim4 on my Debian Wheezy. All is running fine.
> Now I try to use "fixed_cram" authenticator for more security.
> [...]
> 250-AUTH LOGIN
> 250-STARTTLS


Not announcing plaintext AUTH mechs on unencrypted connections would make
your setup much more secure then adding CRAM-MD5;-)

You can do that by adding
server_advertise_condition = ${if eq{$tls_cipher}{}{no}{yes}}
to your LOGIN/PLAIN authenticators.

Start exim with -d-all+auth for debugging. See
> http://exim.org/exim-html-current/doc/html/spec_html/ch-the_exim_command_line.html

for more debugging switches.

Greetings, Wolfgang
--
Wolfgang Breyha <wbreyha@???> | http://www.blafasel.at/
Vienna University Computer Center | Austria