Re: Secure Relaying -- a start

To: debian-user@lists.debian.org
Subject: Re: Secure Relaying -- a start
From: will trillich <will@serensoft.com>
Date: Sun, 2 Feb 2003 19:43:08 -0600
Message-id: <[🔎] 20030203014307.GA26016@mail.serensoft.com>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 3E3D27C4.4030901@grizzy.com>
References: <20030130024817.GA26588@mail.serensoft.com> <20030130053732.GB5636@dman.ddts.net> <20030130220910.GB8146@mail.serensoft.com> <20030131003550.GA2890@riva.ucam.org> <3E3A78BD.2090407@grizzy.com> <20030131183441.GA29658@mail.serensoft.com> <3E3AED3A.60502@grizzy.com> <[🔎] 20030201202126.GB23200@mail.serensoft.com> <[🔎] 3E3C7D73.2050208@grizzy.com> <[🔎] 3E3D27C4.4030901@grizzy.com>

On Sun, Feb 02, 2003 at 02:14:28PM +0000, Ed Lawson wrote:
> >will trillich wrote:
> >
> >>
> >>yep. try uncommenting one of them (if it happens to refer to
> >>/etc/exim/passwd then you need to set that up properly to
> >>match)
> >>
> One more question...or two or three.

i know how you feel. :)

> Can the /etc/exim/passwd file be created with htpassd?  That
> would seem the easiest way and whst I used.  What permissions
> are required on the passwd file?  

note: i am not an expert. an expert, according to my dad, is a
sonofabitch fifty miles from home. i'm home, so i certainly
don't qualify.

htpasswd it probably fine for this purpose.

> I now have Exim looking to authenticate before relaying and I
> have a passwd file created by htpassed which is readable only
> by root...but still not go.  Permission problem?  

i made the password file "chmod 600" and then of course it
couldn't read it at all, since i make the file as root. to fix
that i did "chown mail.mail" and it's been happy ever since.
your situation may be the same. try it out.

(if you add group 'mail' to your personal username, you might
make it chmod 640 with chown youruser.mail -- but there may be
security issues there i'm not aware of.)

now if you get PAM to cooperate, let me know.

	plain:
		driver = plaintext
		public_name = BASIC
		# $3 =~ s/:/::/g
		# if pam($2:$3) {yes} else {no}
		server_condition = ${if pam{$2:${sg{$3}{:}{::}}}{yes}{no}}
		server_set_id = $2

when i do the interactive tests, it works like a champ; when i
try it from a remote client, nothing doing. still working on
it...

-- 
I use Debian/GNU Linux version 3.0;
Linux server 2.4.20-k6 #1 Mon Jan 13 23:49:14 EST 2003 i586 unknown

DEBIAN NEWBIE TIP #133 from nate <debian-user@aphroland.org>
:
Looking to MOVE A PARTITION TO A NEW DISK DRIVE?
1) install the new disk, partition & format it as you like
2) mount the disk somewhere on the root filesystem (I use /usr.new)
3) go to single user mode ('telinit 1')
4) cd /usr ; cp -a * /usr.new/
5) cd / ; mv usr usr.old ; mkdir /usr
5) edit /etc/fstab to reflect the new location
   (/usr.old) and new partition (/usr)
6) go back to runlevel 2 (logout, or 'telinit 2'
   or whatever runlevel you use)
7) run the system for a few days and make sure everything
   is good, once this is done erase /usr.old if you want.

Also see http://newbieDoc.sourceForge.net/ ...

Reply to:

References:
- Re: Secure Relaying -- a start
  - From: will trillich <will@serensoft.com>
- Re: Secure Relaying -- a start
  - From: Ed Lawson <elawson@grizzy.com>
- Re: Secure Relaying -- a start
  - From: Ed Lawson <elawson@grizzy.com>

Prev by Date: Disk formatting
Next by Date: Re: Help debugging package problems (again)
Previous by thread: Re: Secure Relaying -- a start
Next by thread: Re: Secure Relaying -- a start
Index(es):
- Date
- Thread