------- You are receiving this mail because: -------
You are on the CC list for the bug.
http://bugs.exim.org/show_bug.cgi?id=1498
Phil Pennock <pdp@???> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |ASSIGNED
--- Comment #1 from Phil Pennock <pdp@???> 2014-06-29 00:53:59 ---
The failure message says that Cyrus is rejecting the authentication, which is
happening entirely outside of Exim. You're into Cyrus configuration issues.
If there's a parameter which Exim should be setting to make Cyrus happy, that's
an Exim issue but I'll need pointers (the clue stick).
May I suggest trying out Exim's native support for the Heimdal implementation
of Kerberos? Or is Debian using MIT's implementation? (Patches to support
MIT's implementation welcome, I've no idea what might be needed, there's only
one small non-standard function call used).
The OP in 752853 is running `4.80-7`. Exim 4.80 introduced the
`heimdal_gssapi` authenticator.
http://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_heimdalgssapi_authenticator.html
If authentication fails with that too, then at least `exim -d+auth` should
enable more information about what's happening, as closely as the data is
exposed to Exim. Since Kerberos is working for other apps, I suspect that
cross-realm trusts are all already correctly established and it should just
work, but I've never tried it myself.
--
Configure bugmail:
http://bugs.exim.org/userprefs.cgi?tab=email