(apologies as I replied directly to Mark as opposed to following up) ====================================================================
Thanks for the reply. See below. Marc Haber <[EMAIL PROTECTED]> writes: > On Fri, 27 Oct 2006 10:00:25 +0200, Hadron Quark > <[EMAIL PROTECTED]> wrote: >>I have configured exim4 to use smarthost for sending mails. I have, >>succesfully, configured it to use procmail_pipe to intercept local >>destinations - e.g I can "mail" from the Linux command line to >>"[EMAIL PROTECTED]" and procmail is invoked by exim4 to deliver to my local >>maildirs. >> >>The problem I have is that, using "mail" as opposed to my smtpmail >>package in gnus and thus using exim4, the smarthost authentication is >>failing. It worked twice and then stopped working. >> >>Here is the logline I get: >> >>2006-10-27 09:33:21 1GdMDG-0001tT-D9 ** [EMAIL PROTECTED] >>R=smarthost T=remote_smtp_smarthost: SMTP error from remote mail server >>after MAIL FROM:<[EMAIL PROTECTED]> SIZE=1369: host gmail-smtp.l.google.com >>[66.249.93.111]: 530 5.5.1 Authentication Required c1sm157417ugf > > That looks like your exim is not trying to authenticate. > http://wiki.debian.org/PkgExim4UserFAQ#head-c1af64f5f8594bec680ed64a199607afb8e1c084 > might help here. Not really as it offers no advice on how to setup. I dont know enough about SMTP to debug anything. > >>Here is the HowTo I followed, changing the port selected by the client >>to 587 for gmail's smtp servers. I have set up my passwd.client file. >> >>http://www.lexspoon.org/linux/smtp-relay.html > > That HOWTO is actually quite bad. A critique of it can be found in > http://wiki.debian.org/PkgExim4UserFAQ#head-143dbe79ffa3848284fbd0b0a2bb78dae3d75a18. > >>Possibly something to do with authentication file generated by >>"/usr/share/doc/exim4-base/examples/exim-gencert" > > Not at all. A certificate is not needed if all you want to do is > authenticate as a client. That's good to know - thanks. > >> - should I have even >>run that keeping in mind that I'm not running a receiving smtp server - >>only a client. > > It does not hurt, but it is not needed. > >>| Next, set up the client to send all outgoing mail via the relay host. >>Install exim4 and set it to use your relay server as a smarthost. Edit >>/etc/exim4/passwd.client and put in your username and password, something >>like: >>| >>| ### CONFDIR/passwd.client >>| # >>| # Format: >>| #targetmailserver.example:login:password >>| # >>| # default entry: >>| ### *:bar:foo >>| *:USERNAME:PASSWORD > > That is correct, and the * keeps you from hitting the trap mentioned > in http://bugs.debian.org/244724 and > http://pkg-exim4.alioth.debian.org/README/exim4-config_files.5.html#/etc/exim4/passwd.client > >>| Finally, hack your exim4.conf.template to use port 26 instead of 25. Find >>the section for remote_smtp_smarthost and add port = 26 to it. In my file it >>looks like this: >>| >>| remote_smtp_smarthost: >>| debug_print = "T: remote_smtp_smarthost for [EMAIL PROTECTED]" >>| driver = smtp >>| hosts_try_auth = ${if exists {CONFDIR/passwd.client}{DCsmarthost}{}} >>| tls_tempfail_tryclear = false >>| DEBCONFheaders_rewriteDEBCONF >>| DEBCONFreturn_pathDEBCONF >>| port = 26 >>| >>| That should be it. Now mail sent locally will get relayed via port 26 on >>your relay host. > > Please note that your third-party HOWTO gives the bad advice of > delivering to port tcp/26. smtp.google.com only listens on Ports > tcp/25 and tcp/587. The how to I referenced didnt do anything with google. It was to do with setting up your OWN smarthost for connecting to when on the the road. As I said above, I already changed the port to 587 anyway. > > I have just checked: smtp.google.com offers STARTTLS and only > advertises SMTP AUTH after the connection has been encrypted. Thus, > the Debian exim4 should be able to authenticate fine. I have verified > both with swaks and exim4 that authentication works. > > The only trap that I can see is that smtp.google.com is a CNAME, so > you'll need to either put an asterisk in your passwd.client line or > explicitly name the reverse DNS name of smtp.google.com, which is > (today) gmail-smtp.l.google.com. Can you reference the info about this asterisk? As for the CNAME - my exim4 log reveals it has started a converstion with the smtp server just fine - so where does this CNAME come in? Clearly I wouldnt want to put in a "day specfic" smpt server name. stp.gmail.com seems to find their servers fine. What am I misunderstanding here? > > May I ask why you chose to ignore all Debian documentation and instead > went to honor a third-party HOWTO that clearly shows that its author > is not familiar with Debian's exim packages? Because I couldnt google anything up which was easy enough to follow : as a newbie, totally unfamiliar with exim4 the main docs are extremely hard to follow. If you know of a small howto which works please let me know or even the link to proper debian documentation which doesnt assume knowledge of SMTP protocol and telnet. I had a look at the wiki FAQ, here : http://wiki.debian.org/PkgExim4UserFAQ but I can see nothing about configuring smarthosts with TLS authentication - I am not able to debug SMTP. Many thanks for your help. > > Greetings > Marc > > -- > -------------------------------------- !! No courtesy copies, please !! ----- > Marc Haber | " Questions are the | Mailadresse im Header > Mannheim, Germany | Beginning of Wisdom " | http://www.zugschlus.de/ > Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834 -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
