Date: Thu, 14 Sep 2000 14:49:18 +0100 From: Christi Alice Scarborough Thanks very much to everyone who helped out with this - I now have a working system. For reference, this is how I got PAM authentication from a standard UNIX password database with Eudora 4.3 clients to work on a Debian 2.2 (Intel) system. This configuration assumes that you are using standard UNIX crypt passwords; pam-pwdfile is NOT compatible with MD5 encrypted passwords. 1) Installed the following packages from the Debian unstable tree exim_3.16-3.deb eximon_3.16-3.deb libpcre3_3.3-2.deb 2) Installed the following stable package libpam-pwdfile_0.1-1.deb 3) Added the following authentication section to exim.conf login: driver = plaintext public_name = LOGIN server_condition = "${if pam{$1:$2}{1}{0}}" server_prompts = "Username:: : Password::" server_set_id = $1 4) Added the following line to the first Exim configuration section host_auth_accept_relay = * 5) Created /etc/pam.d/exim with contents as follows auth required pam_pwdfile.so pwdfile /etc/exim.passwd account required pam_pwdb.so 6) Run the following script from crontab to keep the exim password file synchronised with our shadow password file. (Logins to this machine are firewalled off. If you want to allow local logins, you might want to use a completely seperate password file for security reasons.) #!/bin/sh # # This script copies the shadow password file to exim.passwd and sets # permissions so that exim can read it for pam-pwdfile authentication cp /etc/shadow /etc/exim.passwd.temp chmod 600 /etc/exim.passwd.temp chown mail:mail /etc/exim.passwd.temp mv /etc/exim.passwd.temp /etc/exim.passwd