Best distro for Exim/Cyrus

Paul O'Rorke paul at tracker-software.com
Wed Feb 19 23:50:21 EST 2014 

Hi again guys,

thanks for the help thus far.  I have managed to get cyrus talking with 
exim to deliver mail (the -a inside the quotes did this) and I have the 
cyrus_sasl driver authenticating using DIGEST-MD5:

    digest_md5_sasl_server:
        driver = cyrus_sasl
        public_name = DIGEST-MD5
        server_realm = chemainus.mjbrownloos.com
        server_set_id = $auth1
        .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
        server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
        .endif

I can receive mail OK, exim passes it to cyrus and I can work with 
mailboxes in Thunderbird however I don't seem to be able to authenticate 
to the SMTP server when sending.  Do I need to specify a separate auth 
for sending through SMTP?

If I turn on *AUTH_SERVER_ALLOW_NOTLS_PASSWORDS = yes* I can send if I 
enable *login_sasl_server* but I'm sending plaintext passwords.  :-(

If I turn off *AUTH_SERVER_ALLOW_NOTLS_PASSWORDS = yes* then I cannot 
send using *login_sasl_server* because it obviously needs an encrypted 
password but I keep getting the message relay not permitted.

If I disable login_sasl_server leaving only the *digest_md5_sasl_server* 
I still get relay not permitted so it seems it's not authenticating on send.

If it can authenticate for IMAP using *digest_md5_sasl_server* why would 
it fail when sending?

regards

*Paul O'Rorke*
Tracker Software Products paul at tracker-software.com 
<mailto:paul.ororke at tracker-software.com>

On 2/17/2014 12:42 AM, Vladislav Kurz wrote:
>
> On Saturday 15 of February 2014 00:05:59 Paul O'Rorke wrote:
>
> > If I don't use any encrypted passwords I can log in, work with
>
> > mailboxes, receive mail but not send (relay not permitted which I
>
> > suspect is so as to not be an open relay..?)
>
> You can always set relay_nets (using "dpkg-reconfigure exim4-config") 
> to your local subnet.
>
> > What do I need to do to authenticate with the cyrus_sasl db? Why would
>
> > the authenticator driver "cyrus_sasl" not be available? Do I need to
>
> > enable that somewhere?
>
> I'm not sure but check if you have installed these packages:
>
> sasl2-bin, libsasl2-modules and exim4-daemon-heavy (instead of -light).
>
> > I've read so many conflicting pages I've completely confused myself.
>
> > Maybe I should be looking at TLS/SSL now...
>
> If you are on secure net, try setting 
> AUTH_SERVER_ALLOW_NOTLS_PASSWORDS = yes (in conf.d/main/00_whatever), 
> to allow plaintext auth.
>
> -- 
>
> S pozdravem
>
> Vladislav Kurz
>
> === WebStep, s.r.o. (Ltd.) ========= a step to the Web ===
>
> address: Mezirka 1, 602 00 Brno, CZ, tel: +420 548 214 711
>
> === www.webstep.net ======= vladislav.kurz at webstep.net ===
>
>
>
> ----
> Cyrus Home Page:http://www.cyrusimap.org/
> List Archives/Info:http://lists.andrew.cmu.edu/pipermail/info-cyrus/
> To Unsubscribe:
> https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20140219/1d8a4a02/attachment-0001.html

More information about the Info-cyrus mailing list