exim/exim-4.43-pamconfig.patch

78 lines
2.9 KiB
Diff
Raw Normal View History

2008-08-13 14:36:02 +00:00
diff -uNr exim-4.69-new/src/configure.default exim-4.69/src/configure.default
--- exim-4.69-new/src/configure.default 2008-08-13 15:15:01.000000000 +0100
+++ exim-4.69/src/configure.default 2008-08-13 15:16:44.000000000 +0100
@@ -140,7 +140,7 @@
# Allow any client to use TLS.
-# tls_advertise_hosts = *
+tls_advertise_hosts = *
# Specify the location of the Exim server's TLS certificate and private key.
# The private key must not be encrypted (password protected). You can put
2008-08-13 14:36:02 +00:00
@@ -148,8 +148,8 @@
# need the first setting, or in separate files, in which case you need both
# options.
-# tls_certificate = /etc/ssl/exim.crt
-# tls_privatekey = /etc/ssl/exim.pem
2006-07-27 07:05:24 +00:00
+tls_certificate = /etc/pki/tls/certs/exim.pem
+tls_privatekey = /etc/pki/tls/private/exim.pem
# In order to support roaming users who wish to send email from anywhere,
# you may want to make Exim listen on other ports as well as port 25, in
2008-08-13 14:36:02 +00:00
@@ -160,8 +160,8 @@
# them you should also allow TLS-on-connect on the traditional but
# non-standard port 465.
-# daemon_smtp_ports = 25 : 465 : 587
-# tls_on_connect_ports = 465
+daemon_smtp_ports = 25 : 465 : 587
+tls_on_connect_ports = 465
# Specify the domain you want to be added to all unqualified addresses
2008-08-13 14:36:02 +00:00
@@ -219,6 +219,24 @@
2008-08-13 14:36:02 +00:00
host_lookup = *
+# This setting, if uncommented, allows users to authenticate using
+# their system passwords against saslauthd if they connect over a
+# secure connection. If you have network logins such as NIS or
+# Kerberos rather than only local users, then you possibly also want
+# to configure /etc/sysconfig/saslauthd to use the 'pam' mechanism
+# too. Once a user is authenticated, the acl_check_rcpt ACL then
+# allows them to relay through the system.
+#
+# auth_advertise_hosts = ${if eq {$tls_cipher}{}{}{*}}
+#
+# By default, we set this option to allow SMTP AUTH from nowhere
+# (Exim's default would be to allow it from anywhere, even on an
+# unencrypted connection).
+#
+# Comment this one out if you uncomment the above. Did you make sure
+# saslauthd is actually running first?
+#
+auth_advertise_hosts =
2008-08-13 14:36:02 +00:00
# The settings below, which are actually the same as the defaults in the
# code, cause Exim to make RFC 1413 (ident) callbacks for all incoming SMTP
@@ -756,7 +774,7 @@
# driver = plaintext
# server_set_id = $auth2
# server_prompts = :
-# server_condition = Authentication is not yet configured
+# server_condition = ${if saslauthd{{$2}{$3}{smtp}} {1}}
# server_advertise_condition = ${if def:tls_cipher }
# LOGIN authentication has traditional prompts and responses. There is no
2008-08-13 14:36:02 +00:00
@@ -768,7 +786,7 @@
# driver = plaintext
# server_set_id = $auth1
# server_prompts = <| Username: | Password:
-# server_condition = Authentication is not yet configured
+# server_condition = ${if saslauthd{{$1}{$2}{smtp}} {1}}
# server_advertise_condition = ${if def:tls_cipher }