Re: SMTP smart host authentication fails
On Sat, Oct 27, 2007 at 08:46:40PM -0400, Haines Brown wrote:
> "Douglas A. Tutty" <dtutty@porchlight.ca> writes:
>
> > 1. In /etc/exim4/passwd.client I inserted this line (where "<PW>" is
> > > my plain test password):
> > >
> > > mymail.myregisteredsite.com:hartford-hwp.com:<PW>
> >
> > Yeah, redirects sort of mess up exim. That's why I would use:
> >
> > *:[username]:[PW]
> >
> > Is your login user-name really hartford-hwp.com?
>
> Yes, that is my username. So you are recommending:
>
> *:hartford-hwp.com:<PW>
>
> But can a wildcard replace the name of the server like this?
Yes. No matter what host asks exim for auth, it will give this username
and password. That _could_ be a problem but I'd sugggest that you at
least start with this to make sure it works. Then if you like, you
could add a few discreet entries for the names of systems that try to
auth.
>
> > > 2. In exim4 configuration, I have to specify the smtp server. In
> > > /etc/exim4/update.exim.conf.conf I have the line:
> > >
> > > dc_smarthost='mymail.myregisteredsite.com'
> > >
> >
> > I would stick to the name they gave you. Otherwise, exim will try to
> > contact that box directly and that box is likely configured to only
> > acccept stuff from smtp.hardford-hwp.com
>
> OK, I'll revert as you suggest.
>
> > > 3. I have not specified the authentication method. After speaking with
> > > my tech support supervisor's supervisor, all I could get was that
> > > the authentication method is "basic", "ordinary". Only later one
> > > person suggested that "basic" is really plain
> > > authentication. Assuming this is correct, I did not make any
> > > changes to the /etc/exim4/exim4.conf.template file, which
> > > apparently defaults to the plain text authentication method. I have
> > > no trouble accessing the POP server.
> >
> > Is your pop-server username hartford-hwp.com as well?
>
> Pop sercver is pop.hartford-hwp.com; smtp server is smtp.hartford-hwp.com
They look like server names not user names for a login session.
>
> > inetd.conf is for incoming ports. Opening a port in the sense they mean
> > is opening a port in your own firewall to let exim call out on port 587.
> > The standard port per /etc/services would be 465.
>
> I reverted to port 25, but no luck
>
> > So, do you have a firewall?
>
> This may be my problem: I have a hardware firewall. However, if I'm
> using port 25 for smtp, wouldn't my firewall let it through? Is the
> fact that it's now SSL require a change in my hardware firewall?
>
YES. Absolutley. You've told exim to contact smtp on port 587 but if
your firewall is blocking connections on port 587 then nothing will get
through.
> > > I know that whenever I make changes to exim configuration or to the
> > > inetd.conf file, I must restart. Will both of these commands do it
> > > (I'm using debian Etch)? That is, does reconfiguring Exim also restart
> > > inetd, and does restarting inetd also rescan Exim4 configuration?
> > >
> > > # dpkg-reconfigure exim4-config
> > > # /usr/sbin/initd restart
> > >
> >
> > There is no such file as /usr/sbin/initd to restart.
> >
> > However, there is /etc/init.d/exim4 restart.
>
> Ouch. I was led astray here. Running the command didn't have cause
> feedback, which I took as good news. I'm now using # invoke-rc.d exim4
> restart , which I assume does the same as # /etc/init.d/exim4 restart
>
invoke-rc.d is for package scripts to use so that they follow any
local-administrator set policies. Your _are_ the local administrator
and you don't want somebody else's magic from keeping the script from
running. You want the script to run so just directly tell the script to
run with /etc/init.d/exim4 restart.
> My problem may be my hardware firewall, not so much the port, but the
> protocol for SSL SMTP smtp or smtps?).
according to /etc/services that's ssmtp. But who cares? You tell the
firewall what port to open. Your ISP told you what port to use so you
tell the firewall and you tell exim.
Doug.
Reply to: