Thanks Vlad,
the last three lines (ifnedef - endif) can be IMHO deleted, because
DIGEST-MD5 (and CRAM-MD5 and NTLM) do not send plaintext passwords, so
should be allowed even on otherwise unencrypted connection.
commented out.
Check if user Debian-exim is member of sasl group - to get access to
/etc/sasldb2.
root@blmail:/etc/exim4/conf.d# groups Debian-exim
Debian-exim : Debian-exim root mail sasl cyrus
root@blmail:/etc/exim4/conf.d# ls -l /etc/sasldb2
-rw-rw---- 1 cyrus Debian-exim 12288 Feb 19 20:19 /etc/sasldb2
Looks right to me...
Thunderbird has separate auth setting for SMTP, hovewer you should
specify the same user/pass as for IMAP. Check also the option "auth
method" and set encrypted password - which is luser translation of
DIGEST/CRAM-MD5.
It seems that exim is not using the same auth as cyrus. TB doesn't
recognise the encrypted passwords option. Nor does Outlook so I don't
think it's the MUA.
When I let TB query the server for settings it correctly returns with
'Encrypted password' for IMAP but 'Password, transmitted insecurely' for
SMTP. Leaving that setting results in the expected 'relay not
permitted' setting it in TB to use 'Encrypted password' results in the
following error message in TB:
Sending of message failed.
The SMTP server chemainus.mjbrownloos.com does not support the
selected authentication method. Please change the 'Authentication
method' in the 'Account Settings | Outgoing Server (SMTP)'.
I'm watching (tail -f) the following 4 log files when I send
(/var/log/exim/ has only mainlog and rejectlog):
/var/log/exim4/mainlog
/var/log/exim4/rejectlog
/var/log/syslog
/var/log/auth.log
but I'm not seeing anything helpful. Indeed I need to trace the
process on send and find out where is is baulking, any thoughts on how
to find that?
Since this seems to now be an Exim thing, perhaps at this point I should
be asking this on the exim list?
*Paul O'Rorke* Tracker Software Products p...@tracker-software.com
<mailto:paul.oro...@tracker-software.com>
On 2/20/2014 2:23 AM, Vladislav Kurz wrote:
On Thursday 20 of February 2014 05:50:21 Paul O'Rorke wrote:
> Hi again guys,
>
> thanks for the help thus far. I have managed to get cyrus talking with
> exim to deliver mail (the -a inside the quotes did this) and I have the
> cyrus_sasl driver authenticating using DIGEST-MD5:
>
> digest_md5_sasl_server:
> driver = cyrus_sasl
> public_name = DIGEST-MD5
> server_realm = chemainus.mjbrownloos.com
> server_set_id = $auth1
> .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
> server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
> .endif
Hi,
the last three lines (ifnedef - endif) can be IMHO deleted, because
DIGEST-MD5 (and CRAM-MD5 and NTLM) do not send plaintext passwords, so
should be allowed even on otherwise unencrypted connection.
Check if user Debian-exim is member of sasl group - to get access to
/etc/sasldb2.
> I can receive mail OK, exim passes it to cyrus and I can work with
> mailboxes in Thunderbird however I don't seem to be able to authenticate
> to the SMTP server when sending. Do I need to specify a separate auth
> for sending through SMTP?
Thunderbird has separate auth setting for SMTP, hovewer you should
specify the same user/pass as for IMAP. Check also the option "auth
method" and set encrypted password - which is luser translation of
DIGEST/CRAM-MD5.
> If it can authenticate for IMAP using *digest_md5_sasl_server* why would
> it fail when sending?
Just because IMAP auth is done by cyrus and SMTP auth by exim ;) Check
/var/log/exim/*log, there might be some hints...
--
S pozdravem
Vladislav Kurz
=== WebStep, s.r.o. (Ltd.) ========= a step to the Web ===
address: Mezirka 1, 602 00 Brno, CZ, tel: +420 548 214 711
=== www.webstep.net ======= vladislav.k...@webstep.net ===
----
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
----
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus