EXIM SMTP !AUTH (??)

Heavy
Forum Contributor
Posts: 478
Joined: Sun Sep 22, 2002 7:36 am
Location: Viksjöfors, Hälsingland, Sweden

Post by Heavy »

I am setting up exim as my mail transport agent.
It works way too well! There is no authentication prompt anywhere.
If I try to configure for authentication:

Code:

######################################################################
#                   AUTHENTICATION CONFIGURATION                     #
######################################################################

# Look in the documentation (in package exim-doc or exim-doc-html for
# information on how to set up authenticated connections.

# The examples below are for server side authentication; they allow two
# styles of plain-text authentication against an /etc/exim/passwd file
# which should have user IDs in the first column and crypted passwords
# in the second.

# plain:
#   driver = plaintext
#   public_name = PLAIN
#   server_condition = "${if crypteq{$2}{${extract{1}{:}{${lookup{$1}lsearch{/etc/exim/passwd}{$value}{*:*}}}}}{1}{0}}"
#   server_set_id = $1
#
# login:
#   driver = plaintext
#   public_name = LOGIN
#   server_prompts = "Username:: : Password::"
#   server_condition = "${if crypteq{$2}{${extract{1}{:}{${lookup{$1}lsearch{/etc/exim/passwd}{$value}{*:*}}}}}{1}{0}}"
#   server_set_id = $1

# These examples below are the equivalent for client side authentication.
# They assume that you only use client side authentication to connect to
# one host (such as a smarthost at your ISP), or else use the same user
# name and password everywhere

# plain:
#   driver = plaintext
#   public_name = PLAIN
#   client_send = "^username^password"
#
# login:
#   driver = plaintext
#   public_name = LOGIN
#   client_send = ": username : password"
#
# cram_md5:
#   driver = cram_md5
#   public_name = CRAM-MD5
#   client_name = username
#   client_secret = password

# End of Exim configuration file

I set up a Perl script that looks like this:

Code:

#!/usr/bin/perl
use MIME::Base64;
printf ("%s", encode_base64(eval "\"$ARGV[0]\""));

which gives me some kind of encoding.
If I do:

Code:

shell>./encodemailpassword ape

I get:

Code:

YXBl

Then I insert this into the file /etc/exim/passwd:

Code:

username YXBI

I can now uncomment one of the parts suggested for server side auth, either "login:" or "plain:".
If I now try to send email using this server as SMTP with the user name "username", Mozilla (1.4a) prompts for a password. Whatever I type in the box, it rejects me.
So, I can comment out those "login:" or "plain:" parts of /etc/exim/exim.conf, and have a perfectly working server, without any authentication prompt.
If I try server side authentication "login:" or "plain:", I can't succeed at all, whatever password or no password I submit.

What am I doing wrong?
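
Added example, not part of the thread and not Exim's own code: a Perl emulation of the sample "login:" server_condition quoted in the post above, run against a constructed password file, showing the base64 form a LOGIN response takes on the wire next to the crypt(3) form that crypteq compares against. The user "alice", the salt "ab" and the helper names are assumptions for illustration, and the platform's crypt(3) is assumed to support traditional two-character-salt hashes.

```perl
#!/usr/bin/perl
# Added illustration: emulates the sample "login:" server_condition in Perl.
use strict;
use warnings;
use MIME::Base64;

# Constructed sample file. "alice" and the salt "ab" are made up for the example;
# the second line is the entry shown in the post.
my $passwd_file = 'alice: ' . crypt('ape', 'ab') . "\n"
                . "username YXBI\n";

# lsearch: the key ends at the first colon or white space; the rest is the data.
sub lsearch {
    my ($key, $text) = @_;
    for my $line (split /\n/, $text) {
        next if $line =~ /^\s*(?:#|$)/;
        my ($k, $data) = $line =~ /^([^\s:]+)[\s:]\s*(.*)$/ or next;
        return $data if $k eq $key;
    }
    return undef;
}

# crypteq{$2}{first ":"-separated field of the lookup result, or of "*:*"}
sub server_condition {
    my ($user, $pass, $text) = @_;
    my $data   = lsearch($user, $text) // '*:*';
    my $stored = (split /:/, $data)[0] // '';
    my $hashed = crypt($pass, $stored);          # stored value doubles as the salt
    return (defined $hashed && $hashed eq $stored) ? 1 : 0;
}

# A LOGIN response travels base64-encoded; the server decodes it before the
# condition is evaluated, so $2 holds the clear-text password.
my $wire = encode_base64('ape', '');
my $pass = decode_base64($wire);

printf "password on the wire : %s\n", $wire;
printf "alice / ape          : %d\n", server_condition('alice', $pass, $passwd_file);
printf "username / ape       : %d\n", server_condition('username', $pass, $passwd_file);
printf "username / YXBl      : %d\n", server_condition('username', $wire, $passwd_file);
printf "unknown user / ape   : %d\n", server_condition('nobody', $pass, $passwd_file);
```

Only the "alice" line passes: a traditional crypt() result for a two-character salt is 13 characters long, so it cannot equal the four-character field stored for "username", whatever password is submitted.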

Post by Heavy »

Problem solved using OpenSSL and plaintext auth.
Here's how it was done:
http://jeremy.zawodny.com/blog/archives/000453.html

Post by Heavy »

"It works way too well! There is no authentication prompt anywhere."
Yeah... Got listed as an open relay all over the world. Go see http://ordb.org if you don't know what it means. Now I really know what diseases an open relay suffers from...
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

:(
Full disclosure is a double-edged sword.
Not only have you been banned from some MTAs/clients (which I approve of as long as people revalidate their killfiles), but spammers also read those lists, causing you even more trouble. I hope you can fix it and get erased from that list...

Post by Heavy »

Right now, it seems like I am not included anymore in the biggest open relay databases. But of course, those spammers haven't stopped bombing me yet. My ethernet LEDs flash frequently from junk traffic.

Will they stop bombing me? I think yes, because those spammers use bandwidth and if they get to know that my relay is not open anymore, they should use their power elsewhere. If I were them, I would build my system that way.

I don't know very much about how email works, so if a spammer tests for an open relay and that reveals him, he might just not test the relays he is using. If so, I'm busted!

The result so far is that my bandwidth is partly consumed by SMTP requests that are blocked (nowadays), and that my mainlog file for exim is growing quite large unnecessarily.

I posted a problem that no one answered. I thought it'd be good to post the solution as well, and a comment on what open relays are.