Differences between version 15 and predecessor to the previous major change of EximSmtpAuth.
Newer page: | version 15 | Last edited on Thursday, January 26, 2006 10:49:59 am | by TimCareySmith |
Older page: | version 13 | Last edited on Thursday, February 3, 2005 6:16:12 pm | by CraigBox |
@@ -44,9 +44,9 @@
exim -bh localhost
try the commands
EHLO localhost
exim should produce at least one line saying
- AUTH LOGIN PLAIN
+ 250-
AUTH LOGIN PLAIN
then type
AUTH LOGIN
exim will give you a base 64 encoded prompt ("WLUG Username:" from above). You then type in your username base64 encoded, it will prompt you with a base64 encoded prompt for your password, you enter the base64 encoded version of your password and it should say "Autentication successful" yay! type
QUIT
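Review bot: The added "250-" line and the "AUTH LOGIN PLAIN" line that follows it split a single EHLO reply line in two; exim prints the reply code and the keyword together, so this should read "250-AUTH LOGIN PLAIN" on one line (or "250 AUTH LOGIN PLAIN" when it is the last line of the reply). The paragraph after "AUTH LOGIN" would also benefit from saying that the base64 prompts and answers are only encoded, not encrypted, so the username and password are readable to anyone who can see the session.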
@@ -85,8 +85,21 @@
ldap://localhost/ou=Domains,BASEDN?uid?sub?(uid=$1)}{yes}fail}"
server_set_id = $1
This one differs slightly, in that in order to find the binddn, i first had to do a query to find the dn of the uid relating to user@domain.co.nz. As this is stored in o=$domain,ou=Domains..., and the $domain wont work in this case (its only populated when it gets an incoming mail, not for an auth session), I either needed a regex to split $1 into $user and $domain, or else to do this extra query. It works out ok though :). Note that the internal query is of type 'ldapdn' - this returns the dn of the result, and assumes there is only one match for uid=$1.
+
+----
+!! another setup
+something maybe simpler, that supports multiple virtual domains:
+
+login:
+ driver = plaintext
+ public_name = LOGIN
+ server_prompts = "LDAP Username:: : LDAP Password::"
+ server_condition = ${if ldapauth { user="${lookup ldapdn{ ldap://LDAPSERVER/BASEDN?dn?sub?(mail=$1)}}" pass=${quote:$2} ldap://LDAPSERVER/}{yes}{no}}
+ server_set_id = $1
+
+the ldapdn lookup retrieves the full dn of user identified by is "mail" ( this attribute can of course be changed ) and attempt a bind to the ldapserver, with the given dn. if it succeeds, then smtp auth is considered successful
----
!! Client Setup
All mail generated at my house gets sent to exim which runs on the router connected to my DSL line, my ISPs smarthost sucks (for various reasons), and being on a dynamic IP delivering directly is not such a smart idea. The solution is to smarthost to another server somewhere that will accept my mail using SMTP AUTH. In this case exim is acting as an SMTP AUTH client rather than a server.
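Review bot: In the added server_condition, $1 is placed into the LDAP filter (mail=$1) unquoted, so filter metacharacters in the submitted username alter the search; wrap it as (mail=${quote_ldap:$1}). The condition should also check that $2 and the ldapdn result are non-empty before calling ldapauth, because a bind with an empty DN or empty password can succeed as an anonymous bind on many LDAP servers. The closing description should state, as the earlier example does, that the ldapdn lookup assumes exactly one entry matches the mail attribute.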