On 2008-09-21 at 22:10 -0400, kmb wrote:
> This is all running on a RH ES4 64Bit server
>
> any pointers on what to look for are welcome.
Run a fake SMTP session with debugging, connect and authenticate.
exim -d+auth -bS
For the authentication, the plaintext is sent as a base64 string. If we
ignore all the normalisation to deal with non-ASCII characters then the
string is made up of three components separated by ASCII NUL:
* authorization ID: leave this empty
* authentication ID: the user whose password is given
* password
So for user "phil" with password "fred" you want to send the
base64-encoded form of "\000phil\000fred", or:
perl -MMIME::Base64 -le 'print encode_base64("\000phil\000fred")'
or:
AHBoaWwAZnJlZA==
So after the EHLO response, you'd send:
AUTH PLAIN AHBoaWwAZnJlZA==
which should provide lots of debugging information about what's
happening and why.
In this case, you're lucky that you don't have:
server_advertise_condition = ${if def:tls_cipher}
in your config, but you might want to consider a set-up where the
NIS password doesn't travel across the wire in nothing more than base64
wrapping.
-Phil
--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
