Re: [Dovecot] Can't establish Dovecot authorization in Exim.

2010-06-30 Thread Philipp Kolmann 
On 2010-06-30 16:26, 秋元 亮二 wrote:
 - Exim
 --
 dovecot_login:
  
  driver = dovecot
   public_name = LOGIN
   server_socket = 
 /var/run/dovecot/auth-client
   server_set_id = $auth1

 dovecot_plain:
  
  driver = dovecot
   public_name = PLAIN
   server_socket = 
 /var/run/dovecot/auth-client
   server_set_id = $auth2

 --
   

I have also $auth1 in dovecot_plain:

dovecot_plain:
driver = dovecot
public_name = PLAIN
server_socket = /var/run/dovecot/auth-client
server_set_id = $auth1


I have debian with exim4-daemon-heavy and nothing ordinary.

hth
philipp

Re: [Dovecot] Can't establish Dovecot authorization in Exim.

2010-06-30 Thread Frank Elsner 
On Wed, 30 Jun 2010 23:26:09 +0900 秋元 亮二 wrote:
 
 Hi,
 
 I have some problem in Dovecot authorization in Exim for 
 outgoing SMTP.
 
 Version of Exim is 4.69 and the Exim was compiled 
 with AUTH_DOVECOT=yes and AUTH_PLAINTEXT=yes.
 Version of Dovecot 
 is 1.2.12.
 
 I use SSL for IMAP.  Is Exim neccesary to use SSL(TLS)
  for authorization of outgoing SMTP?

I guess NO because communication is via socket.

My exim-4.72 configuration (which doesn't use LOGIN) contains:

| plain:
|   driver = dovecot
|   public_name = PLAIN
|   server_socket = /var/run/dovecot/auth-client
|   server_set_id = $auth1


And the dovecot-1.2.12 configuration contains:

| auth default {
|   mechanisms = plain login
| 
|   passdb pam {
|  args = dovecot
|   }
| 
|   socket listen {
| client {
|   # The client socket is generally safe to export to everyone. Typical use
|   # is to export it to your SMTP server so it can do SMTP AUTH lookups
|   # using it.
|   path = /var/run/dovecot/auth-client
|   mode = 0666
| }
|   }
| }


Hope it helps. YMMV.


--Frank Elsner

Re: [Dovecot] Can't establish Dovecot authorization in Exim.

2010-06-30 Thread 秋元 亮二 

Thank you for the responses.

Do I need some setings for auth_advertise_hosts or ACL in Exim configuration 
and need ports other than 25th (SMTP)?

Thanks.

  
_
USBメモリ代わりにお使いください。無料で使える25GB。
http://skydrive.live.com/?showunauth=1mcid=HomeliveMerchBox1

Re: [Dovecot] Can't establish Dovecot authorization in Exim.

2010-06-30 Thread Frank Elsner 
On Thu, 1 Jul 2010 04:31:55 +0900 __ __ wrote:
 
 Thank you for the responses.
 
 Do I need some setings for auth_advertise_hosts or ACL in Exim configuration 
 and need ports other than 25th (SMTP)?

Of course you should define to which hosts you advertise SMTP AUTH.
And within your ACLs you should allow AUTH only for SSL/TLS connections.

For example:

| hostlist   relay_hosts= 127.0.0.0/8 : 192.168.28.0/24
| auth_advertise_hosts  = !+relay_hosts
| ..
| acl_smtp_auth = check_auth
| acl_smtp_connect  = check_connect
| ..
| check_auth:
|   accept  hosts = +relay_hosts
|   accept  encrypted = *
|   denymessage = SSL/TLS encryption required for SMTP AUTH
| 
| check_connect:
|   warnhosts = +relay_hosts
|   control = allow_auth_unadvertised


--Frank Elsner