[exim] TLS SASL authentiation error 535

Thu, 03 Sep 2015 15:28:07 -0700 

I'm trying to figure out what's going on with sending mail from my phone
through my server.  It had been working for a while but suddenly
stopped.  I am authenticating using saslauthd for outgoing mail.  I can
check the authentication with testsaslauthd and that returns OK and I
can also test with swaks (from a machine on the local network) and that
authenticates.  But when I put in the same login information into the
phone (via remote network), I get the incorrect authentication data error.

I ran exim in debug mode.  I see that $auth2 is populated with the user
name and $auth3 has the password.

The configured authenticator is:

plain_saslauthd_server:
   driver = plaintext
   public_name = PLAIN
   server_condition = ${if saslauthd{{$auth2}{$auth3}}{1}{0}}
   server_set_id = $auth2
   server_prompts = :
   server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}

I compared two runs in debug mode, one from the swaks test and one from
the phone test.  I looked for the authentication portion and they appear
to match in the operations but the result is differen (password and user
removed but I did verify that the plain text entries are identical):

swaks test:
20937 Calling gnutls_record_recv(0xb82b4440, 0xb8473d60, 4096)
20937 SMTP<< AUTH PLAIN AGFnY<encrypted password>
20937 plain_saslauthd_server authenticator server_condition:
20937   $auth1 =
20937   $auth2 = user
20937   $auth3 = plaintextpassword
20937   $1 =
20937   $2 = user
20937   $3 = plaintextpassword
20937 Running saslauthd authentication for user "user"
20937 saslauthd userid='user' servicename='' realm=''
20937 Answer 'OK' received.
20937 saslauthd: success (OK)
20937 expanded string: 1

phone test:
20952 Calling gnutls_record_recv(0xb8f3e440, 0xb90fdd60, 4096)
20952 SMTP<< AUTH PLAIN AGFnY<encrypted password>
20952 plain_saslauthd_server authenticator server_condition:
20952   $auth1 =
20952   $auth2 = user
20952   $auth3 = plaintextpassword
20952
20952   $1 =
20952   $2 = user
20952   $3 = plaintextpassword
20952
20952 Running saslauthd authentication for user "user"
20952 saslauthd userid='user' servicename='' realm=''
20952 Answer 'NO' received.
20952 saslauthd: access denied (NO)
20952 expanded string: 0


Both tests were using TLS authentication.  I'm a bit lost why they
behave differently.  I would appreciate any help to further debug.

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Reply via email to