In <d4361857e45ce32c419c45508e88777c.squirrel@ssl.klabs.be>, Frank Lin PIAT
wrote:
>I want to allow my remote users to submit emails through SMTP
>on port 587 (using TLS).
I do this with exim currently.
>Obviously I want to enforce authentication
>for those mail submissions
Of course, no reason to be an open relay.
>(my users are stored in LDAP, with password
>as plain text, so both PAM and LDAP should be possible [?]).
I've never tried to get exim to talk to LDAP at all. My exim uses PAM for
authentication, which may or may not be the best idea.
Here's how I got exim4 to talk to PAM:
0. Package: -heavy
1. Debconf: split configuration, internet site.
2. /etc/exim4/conf.d/auth/99_local-config_auth_login

    login_server:
      driver = plaintext
      public_name = LOGIN
      server_prompts = "Username:: : Password::"
      # Double any colon in the password so pam{} sees it as one list item.
      server_condition = ${if pam{$auth1:${sg{$auth2}{:}{::}}}}
      server_set_id = $auth1

3. /etc/exim4/conf.d/auth/99_local-config_auth_plain

    plain_server:
      driver = plaintext
      public_name = PLAIN
      server_prompts = :
      # $2 is the username, $3 the password; escape colons as in the LOGIN block.
      server_condition = ${if pam{$2:${sg{$3}{:}{::}}}}
      server_set_id = $2

>Does anyone know a good howto? I am especially wondering how to
>instruct EXIM to use PAM/LDAP (rather than the local /etc/exim4/passwd)
My exim talks to PAM, but my PAM doesn't do any LDAP. /etc/pam.d/exim just
includes the common-{auth,account,session} files; those files just require
pam_unix.so.
I've not messed with LDAP at all, really.
--
Boyd Stephen Smith Jr. ,= ,-_-. =.
bss@iguanasuicide.net ((_/)o o(\_))
ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-'
http://iguanasuicide.net/ \_/
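
Added example, not part of the original message: a simplified Python model of how the string inside `pam{...}` is split into a colon-separated list, showing why the LOGIN authenticator above doubles colons in the password with `${sg{$auth2}{:}{::}}`. The function names and the sample credentials are constructed for illustration, and the splitter ignores Exim's trimming of whitespace around list items.

```python
import base64


def split_exim_list(s, sep=":"):
    """Simplified model of an Exim list: a doubled separator is one literal."""
    items, cur, i = [], [], 0
    while i < len(s):
        if s[i] == sep:
            if i + 1 < len(s) and s[i + 1] == sep:
                cur.append(sep)          # "::" -> literal ":"
                i += 2
                continue
            items.append("".join(cur))   # single ":" ends the item
            cur = []
        else:
            cur.append(s[i])
        i += 1
    items.append("".join(cur))
    return items


def decode_plain(b64):
    """SASL PLAIN response: authzid NUL authcid NUL password ($1, $2, $3)."""
    parts = base64.b64decode(b64).split(b"\0")
    if len(parts) != 3:
        raise ValueError("malformed PLAIN response")
    return tuple(p.decode("utf-8") for p in parts)


def pam_items(user, password, escape):
    """Return the items pam{user:password} is split into after expansion."""
    if escape:
        password = password.replace(":", "::")  # effect of ${sg{..}{:}{::}}
    return split_exim_list(f"{user}:{password}")


# Constructed sample: user "alice" whose password contains a colon.
SAMPLE = base64.b64encode(b"\0alice\0s3cr:et").decode()

if __name__ == "__main__":
    _, user, password = decode_plain(SAMPLE)
    # Unescaped: the password is split and PAM is offered two responses.
    print(pam_items(user, password, escape=False))
    # Escaped: the password reaches PAM intact as a single response.
    print(pam_items(user, password, escape=True))
```

Without the substitution, a valid password containing `:` is handed to PAM as two separate responses, so the login fails.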