
Re: Exim-TLS - how to auth user?



Do you have an authenticator configured in your exim.conf file? You have
to have one before exim will recognize the authentication methods. Chs. 36
and 37 in the manual explain how to do it.

Ernest Johanson
Systems Administrator
Fuller Theological Seminary


On Fri, 21 Feb 2003, Iain Tatch wrote:

> Date: Fri, 21 Feb 2003 19:25:49 +0000
> From: Iain Tatch <debian@deepsea.force9.co.uk>
> Reply-To: Iain Tatch <iain@deepsea.force9.co.uk>
> To: debian-user@lists.debian.org
> Subject: Exim-TLS - how to auth user?
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Hello the list
> 
> I have a question regarding authenticating an SMTP request.
> 
> I have a user who would like to be able to use my Debian woody machine as a
> general SMTP host while he is "on the road". He could be connecting via any
> of a number of dial-up accounts, all with dynamic IP assignment, so I cannot
> authenticate him via a simple IP address.
> 
> My MTA on this box is Exim, and after a little bit of reading around, I
> decided what I needed to do was to use the SMTP-AUTH extension (as per RFC
> 2554), and to avoid sending passwords in the clear, to use the TLS version
> of Exim.
> 
> So I `apt-get install exim-tls`, created myself a TLS certificate, and made
> the necessary modifications to the exim.conf to switch on the SMTP-over-TLS
> stuff. FYI the additional stuff I made to the exim.conf are:
> 
>    # Which hosts do we tell that we have STARTTLS available?
>    tls_advertise_hosts = *
> 
>    # File locations
>    tls_certificate = /etc/ssl/certs/exim.tls.crt
>    tls_privatekey  = /etc/ssl/certs/exim.tls.key
> 
>    # insist that any client using auth starts a TLS session first
>    auth_over_tls_hosts = *
> 
> So far so good, if I telnet to port 25 and issue an EHLO command, exim
> replies that one of the functions supported is STARTTLS. But what I *don't*
> seem to be able to do is get Exim to recognise any of the authentication
> methods, it doesn't seem to have been compiled with either AUTH_PLAIN or
> AUTH_CRAM-MD5 (or anything else).
> 
> If this is so, I'm still not really much better off. I can insist that my
> roaming user connects via a secure method, but if I still have no way of
> authenticating him then I still can't verify identity, and hence I'd still
> have to leave my Exim in a basically open relay state (albeit one that will
> require a secure connection).
> 
> Am I missing something, or has the Exim-TLS package been compiled without
> any of the AUTH methods? Which seems rather odd to me.
> 
> Any help, tips, flames etc gratefully received.
> 
> Thanks!
> - -- 
> Iain | PGP mail preferred: pubkey @ www.deepsea.f9.co.uk/misc/iain.asc
>  ($=,$,)=split/"13\//,"13\"13\/tl.rnh  r   HITtahkPctacriAneeeusaoJ";;
>  for(@==sort@$=split//,$,){$..=$$[$=];$$=$=[$=];$@=1;$@++while$=[--$=]
>  eq$$&&$=>=$?;$==$?;for(@$){$@--if$$ eq$_;;last if!$@;$=++}}print$..$/
> -----BEGIN PGP SIGNATURE-----
> Version: PGP 8.0 - not licensed for commercial use: www.pgp.com
> 
> iQA/AwUBPlZ9MGByUNb+aO+GEQKUfQCfZ+3mnBVMlCAKWNnJTzh/Wxuw/6QAoKrQ
> 8o4DtywZHbxZY0o8Iqf5fUUw
> =duCg
> -----END PGP SIGNATURE-----
> 
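
The symptom in the quoted message (EHLO lists STARTTLS but no AUTH line) and the state expected once an authenticator is configured can both be checked from saved EHLO output. This is an added example, not part of the thread or of Exim; the transcripts, host names and function names are constructed for illustration.

```python
import re

# Mechanisms that put the password itself on the wire (base64 is not protection).
CLEARTEXT_MECHS = {"PLAIN", "LOGIN"}

def parse_ehlo(reply):
    """Map each ESMTP keyword in a multi-line 250 reply to its parameters."""
    ext = {}
    lines = [l.strip() for l in reply.splitlines() if l.strip()]
    for line in lines[1:]:  # the first line is the greeting, not an extension
        # Accept both "AUTH PLAIN LOGIN" and the older "AUTH=PLAIN LOGIN" form.
        m = re.match(r"250[- ]([A-Za-z0-9-]+)(?:[ =](.*))?$", line)
        if m:
            ext[m.group(1).upper()] = (m.group(2) or "").upper().split()
    return ext

def audit(before_tls, after_tls):
    """Findings for one server, from its EHLO reply before and after STARTTLS."""
    pre, post = parse_ehlo(before_tls), parse_ehlo(after_tls)
    findings = []
    if "STARTTLS" not in pre:
        findings.append("STARTTLS not advertised")
    exposed = CLEARTEXT_MECHS & set(pre.get("AUTH", []))
    if exposed:
        findings.append("password mechanisms offered before TLS: "
                        + ",".join(sorted(exposed)))
    if not post.get("AUTH"):
        findings.append("no AUTH mechanisms after TLS (is an authenticator configured?)")
    return findings

# Constructed transcripts (host names and addresses are documentation values).
GREETING = "250-mail.example.org Hello client.example.net [192.0.2.10]\n"
AS_POSTED_PRE = GREETING + "250-SIZE\n250-PIPELINING\n250-STARTTLS\n250 HELP"
AS_POSTED_POST = GREETING + "250-SIZE\n250-PIPELINING\n250 HELP"
FIXED_POST = GREETING + "250-SIZE\n250-PIPELINING\n250-AUTH PLAIN CRAM-MD5\n250 HELP"

if __name__ == "__main__":
    for name, pre, post in [("as posted", AS_POSTED_PRE, AS_POSTED_POST),
                            ("with authenticator", AS_POSTED_PRE, FIXED_POST)]:
        print(name, "->", audit(pre, post) or "ok")
```
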


