我跟着本指南设置 TLS 和身份验证。我设置了用户名(usr)和密码(pwd)/etc/exim4/passwd
,并且文件具有正确的权限:
-rw-r----- 1 root Debian-exim 51 Oct 16 13:11 passwd
如果我删除该文件中该行的纯文本部分并运行:
htpasswd -vb passwd usr pwd
然后我得到一个很好的
Password for user usr correct.
但是,尝试openssl s_client -connect $HOST:25 -starttls smtp
并粘贴:
ehlo test
250-example.org Hello example.org [1.2.3.4] ← Clearly, redacted…
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-AUTH PLAIN LOGIN
250-CHUNKING
250-PRDR
250 HELP
auth plain AHVzcgBwd2Q=
535 Incorrect authentication data
其中base64取自:
echo -ne '\0usr\0pwd' | base64
AHVzcgBwd2Q=
我已经跑过systemctl restart exim4.service
好update-exim4.conf
几次了。
如何调试这个?
答案1
答案2
这对我来说效果很好:
login_saslauthd_server:
driver = plaintext
public_name = LOGIN
server_prompts = "Username:: : Password::"
# don't send system passwords over unencrypted connections
server_condition = ${if saslauthd{{${local_part:$auth1}}{$auth2}{}{${domain:$auth1}}}{1}{0}}
server_set_id = $auth1
# .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}}
# .endif