Exim 4 SMTP Auth

With Exim 4, getting SMTP Auth to work is as simple as putting these lines in the ‘AUTHENTICATION CONFIGURATION’ section:

plain:
    driver=plaintext
    public_name=PLAIN
    server_condition="\
    ${if crypteq{$3}{\
        ${lookup {$2}lsearch{/etc/exim/users}{$value}{failed}}}{yes}{no}}"
    server_set_id = $2

login:
    driver = plaintext
    public_name = LOGIN
    server_prompts = Username:: : Password::
    server_condition="\
    ${if crypteq{$2}{\
        ${lookup {$1}lsearch{/etc/exim/users}{$value}{failed}}}{yes}{no}}"
    server_set_id = $1

								

Then create the file used in the server_condition above (/etc/exim/users in my case). The records in this file must be in the format ‘username:shadowed_password’.

I add or change the values using the following script, but you can use ‘htpasswd’ instead which is part of Apache.

#!/usr/bin/python

import sys,os,string
from getpass import getpass
from crypt import crypt

if len(sys.argv) > 2:
        userName = sys.argv[2]
else:
	sys.exit(1)

print 'Adding only APOP password for %s.' % userName
userPass = getpass("New password: ")
userPass2 = getpass("Retype new password: ")

if userPass != userPass2:
	print 'Mismatch -- password unchanged.'
	sys.exit(1)


userList = "/etc/exim/users"
tmpUserList = "/etc/exim/users.new"

f = open("%s" % userList)
p = open("%s" % tmpUserList, 'w')
fullList = f.readline()
while fullList:
	alreadyExist = string.find(fullList, "%s:" % userName)
	if alreadyExist == 0:
		fullList = f.readline()
		continue
	p.write("%s" % fullList)
	fullList = f.readline()
f.close()
p.close()

os.rename(tmpUserList, userList)

f = open("%s" % userList, 'a')
f.write("%s:%s\n" % (userName,crypt(userPass,userName)))
f.close()

c = os.popen("/usr/sbin/popauth -user %s '%s'" % (userName,userPass))

sys.exit(0)

								

The last part runs the QPopper change password command and updates its database.

Leave a Reply

Your email address will not be published. Required fields are marked *