With Exim 4, getting SMTP Auth to work is as simple as putting these lines in the ‘AUTHENTICATION CONFIGURATION’ section:
plain:
driver=plaintext
public_name=PLAIN
server_condition="\
${if crypteq{$3}{\
${lookup {$2}lsearch{/etc/exim/users}{$value}{failed}}}{yes}{no}}"
server_set_id = $2
login:
driver = plaintext
public_name = LOGIN
server_prompts = Username:: : Password::
server_condition="\
${if crypteq{$2}{\
${lookup {$1}lsearch{/etc/exim/users}{$value}{failed}}}{yes}{no}}"
server_set_id = $1
Then create the file used in the server_condition above (/etc/exim/users in my case). The records in this file must be in the format ‘username:shadowed_password’.
I add or change the values using the following script, but you can use ‘htpasswd’ instead which is part of Apache.
#!/usr/bin/python
import sys,os,string
from getpass import getpass
from crypt import crypt
if len(sys.argv) > 2:
userName = sys.argv[2]
else:
sys.exit(1)
print 'Adding only APOP password for %s.' % userName
userPass = getpass("New password: ")
userPass2 = getpass("Retype new password: ")
if userPass != userPass2:
print 'Mismatch -- password unchanged.'
sys.exit(1)
userList = "/etc/exim/users"
tmpUserList = "/etc/exim/users.new"
f = open("%s" % userList)
p = open("%s" % tmpUserList, 'w')
fullList = f.readline()
while fullList:
alreadyExist = string.find(fullList, "%s:" % userName)
if alreadyExist == 0:
fullList = f.readline()
continue
p.write("%s" % fullList)
fullList = f.readline()
f.close()
p.close()
os.rename(tmpUserList, userList)
f = open("%s" % userList, 'a')
f.write("%s:%s\n" % (userName,crypt(userPass,userName)))
f.close()
c = os.popen("/usr/sbin/popauth -user %s '%s'" % (userName,userPass))
sys.exit(0)
The last part runs the QPopper change password command and updates its database.