this is way outside my comfort zone :-0

I've set up a test version on my local machine and when I send from a client

2012-04-16 18:15:59 [4252] SMTP connection from [::1]:51631 I=[::1]:25 (TCP/IP connection count = 1)
2012-04-16 18:16:00 [4259] 1SJpWy-00016h-Ow <= [email protected] H=twelve-m266 [::1]:51631 I=[::1]:25 P=esmtp S=541 id=1334596559.3882.1@twelve-M266 T="test" from <[email protected]> for [email protected]
2012-04-16 18:16:00 [4259] SMTP connection from twelve-m266 [::1]:51631 I=[::1]:25 closed by QUIT
2012-04-16 18:16:00 [4262] cwd=/var/spool/exim4 3 args: /usr/sbin/exim4 -Mc 1SJpWy-00016h-Ow
2012-04-16 18:16:02 [4262] 1SJpWy-00016h-Ow == [email protected] R=smarthost_auto T=remote_smtp defer (-53): retry time not reached for any host
2012-04-16 18:16:26 [4379] cwd=/home/mars 2 args: exim -bp
2012-04-16 18:16:36 [4380] cwd=/home/mars 3 args: exim -M 1SJpWy-00016h-Ow
2012-04-16 18:19:22 [4381] 1SJpWy-00016h-Ow Remote host isp.org xx.xx.xx.xx] closed connection in response to initial connection
2012-04-16 18:19:22 [4380] 1SJpWy-00016h-Ow == [email protected] R=smarthost_auto T=remote_smtp defer (-18): Remote host isp.org [xx.xx.xx.xx] closed connection in response to initial connection

How can I debug this from my end?
Do I need to tell the authenticator to encrypt the username/password it retrieves from the lookup?

Thanks for any pointers


I've added a port variable to the data file and can look it up
exim -be '${extract{port}{${lookup{[email protected]}wildlsearch{/etc/exim4/smarthosts}{$value}fail}}}'
465



config is now

begin routers

smarthost_auto:
debug_print ="T. auto_route remote_smtp for $local_part@$domain from $sender_address "
self = send
condition = ${extract{smarthost}{${lookup{$sender_address}wildlsearch*@{/etc/exim4/smarthosts}{$value}fail}}}
driver = manualroute
transport = remote_smtp
route_list = * "${extract{smarthost}{${lookup{$sender_address}wildlsearch{/etc/exim4/smarthosts}{$value}fail}}}"
domains = ! +local_domains


begin transports

remote_smtp:
debug_print = "T: remote_smtp for $local_part@$domain and $host_address"
driver = smtp
tls_certificate = /etc/exim4/exim.crt
tls_privatekey = /etc/exim4/exim.key
hosts_require_auth = *
port = ${extract{port}{${lookup{[email protected]}wildlsearch{/etc/exim4/smarthosts}{$value}fail}}}

begin authenticators

login:
driver = plaintext
public_name=LOGIN
client_send = : "${extract{auth_name}{${lookup{$sender_address}wildlsearch{/etc/exim4/smarthosts}{$value}fail}}}" : "${extract{auth_pass}{${lookup{$sender_address}wildlsearch{/etc/exim4/smarthosts}{$value}fail}}}"





On 10/04/12 01:32, Phil Pennock wrote:
On 2012-04-09 at 17:26 +0100, p cooper wrote:
thanks - it's now trying to send through the smtp hosts

but it's trying and failing. The lookups for auth_name and auth_pass (
as defined in the authenticator section) from the command line are
returning the correct values. It's trying to connect to the remote SMTP
server but I think the authentication is failing
You have "hosts_require_auth" on the transport, but it's set only for
submission/smtps ports; here, you're connecting on port 25.

I would:
  * use "address_data = ${the wildlsearch stuff}" on the Router
  * use a Transport which, if it can ${extract...} a "usercode" field
    from $address_data, tries connecting to port 587 (or even a port
    field extracted from $address_data)
  * use "hosts_require_auth = *" on the Transport triggered for this
    authenticated connection
  * avoid port numbers in hosts_require_auth, it takes hostnames only
  * add "client_condition = ${if def:tls_cipher}" to your login
    authenticator, to ensure you don't send credentials over cleartext
    (even if server identity is still not verified, you're at least
    protected against passive attacks)

-Phil


--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
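
The suggestions in Phil's list above, put together as one Exim configuration fragment. This is an added example, not configuration posted by anyone in the thread. The transport name remote_smtp_auth, the fallback port 587 and the hosts_require_tls line are assumptions, and the data file is assumed to hold key=value fields (smarthost, port, auth_name, auth_pass) as the lookups in the post imply.

```exim
# Added example (not from the thread). Assumes each /etc/exim4/smarthosts
# entry holds key=value fields: smarthost, port, auth_name, auth_pass.

begin routers

smarthost_auto:
  driver = manualroute
  domains = ! +local_domains
  # Look the sender up once; a forced failure makes the router decline.
  address_data = ${lookup{$sender_address}wildlsearch{/etc/exim4/smarthosts}{$value}fail}
  route_list = * "${extract{smarthost}{$address_data}}"
  transport = remote_smtp_auth
  self = send

begin transports

# Hypothetical transport name, used only for the authenticated smarthost.
remote_smtp_auth:
  driver = smtp
  # Port from the data file; 587 (submission) when no port field is present.
  port = ${extract{port}{$address_data}{$value}{587}}
  # Hostnames or * only, no port numbers.
  hosts_require_auth = *
  # Assumption beyond Phil's list: defer rather than deliver without TLS.
  hosts_require_tls = *
  # A TLS-on-connect port such as 465 also needs "protocol = smtps"
  # (Exim 4.77 and later); port 587 uses STARTTLS and does not.

begin authenticators

login:
  driver = plaintext
  public_name = LOGIN
  # Offer credentials only once the connection is encrypted.
  client_condition = ${if def:tls_cipher}
  client_send = : "${extract{auth_name}{${lookup{$sender_address}wildlsearch{/etc/exim4/smarthosts}{$value}fail}}}" : "${extract{auth_pass}{${lookup{$sender_address}wildlsearch{/etc/exim4/smarthosts}{$value}fail}}}"
```

Forcing the delivery with debugging enabled (exim -d -M followed by the message id) shows which port was chosen, whether TLS was negotiated and whether the login authenticator was tried.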
