Hello,
I've set up Exim to use PAM authantication. That should return the
correct PAM return values:
PAM_SUCCESS - all good
PAM_AUTH_ERR - wrong password
PAM_USER_UNKNOWN - wrong user
I see a lot of lines like this in the mainlog:
2020-12-27 20:04:00 login authenticator failed for (USER) [199.192.16.253]: 435
Unable to authenticate at present ([email protected]): Permission
denied
So it returns the temporary code 435 instead of the permanent code 535.
Why's that? I'm using the suggested config from the Exim manual. Should
there be a "fail" or "false" somewhere in the expansion?
begin authenticators
fixed_plain:
driver = plaintext
public_name = PLAIN
server_prompts = :
# Check password in $auth3 for user in $auth2
server_condition = ${if pam{$auth2:${sg{$auth3}{:}{::}}}}
server_set_id = $auth2
login:
driver = plaintext
public_name = LOGIN
server_prompts = Username:: : Password::
# Check password in $auth2 for user in $auth1
server_condition = ${if pam{$auth1:${sg{$auth2}{:}{::}}}}
server_set_id = $auth1
-Yves
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
