Bug#502963: exim4-daemon-light: Error sending mail with Apple's Mail.app to exim4 over TLS with authentication.

WS spam at wilysloth.com
Tue Oct 21 10:43:59 UTC 2008 

Package: exim4-daemon-light
Version: 4.69-9
Severity: normal

I am trying to get Apple's Mail.app to play with exim4 on a Debian (lenny)
server.

$ dpkg -l | grep exim
ii  exim4                                4.69-9
ii  exim4-base                           4.69-9
ii  exim4-config                         4.69-9
ii  exim4-daemon-light                   4.69-9

I would like the laptop Mail.app lives on to use password authentication over
tls to send mail. However, it does not work.

$ cat exim4.conf.localmacros
MAIN_TLS_ENABLE = true

$ cat update-exim4.conf.conf
dc_eximconfig_configtype='smarthost'
dc_other_hostnames='fooke'
dc_local_interfaces=''
dc_readhost='fooke'
dc_relay_domains=''
dc_minimaldns='false'
dc_relay_nets='192.168.1.0/24'
dc_smarthost='machine.isp.com'
CFILEMODE='644'
dc_use_split_config='false'
dc_hide_mailname='false'
dc_mailname_in_oh='true'
dc_localdelivery='mail_spool'

In exim4.conf.template:
plain_server:
   driver = plaintext
   public_name = PLAIN
   server_condition = "${if crypteq{$auth3}{${extract{1}{:}{${lookup{$auth2}lsearch{CONFDIR/passwd}{$value}{*:*}}}}}{1}{0}}"
   server_set_id = $auth2
   server_prompts = :
   .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
   server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
   .endif

$ cat passwd
user:310rn3lrrprLr

This is generated using:
htpasswd -nd user

In mainlog I see:
2008-10-18 17:35:39 no IP address found for host laptop (during SMTP connection from [192.168.1.41])
2008-10-18 17:35:49 TLS error on connection from ([192.168.1.41]) [192.168.1.41] (gnutls_handshake): Error in the push function.

'ping laptop' shows there is an IP address for 'laptop' (it comes from dnsmasq
on my dhcp server I think).

$ ping -c1 laptop
PING laptop (192.168.1.41) 56(84) bytes of data.
64 bytes from laptop (192.168.1.41): icmp_seq=1 ttl=64 time=1.89 ms

--- laptop ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 1.898/1.898/1.898/0.000 ms

However, to be sure, I add an appropriate entry in /etc/hosts and the IP
message goes away but the push error stays.

Turning off password auth but still using tls creates the same error.
Turning off password auth and not using tls works just fine and email sends.

I spoke to the exim guys and they say it is most likely to be a gnutls/debian
bug and to post here. I have tried using another client (another Debian box)
and I get a different error which is fixed if I reduced the number of certs in
ca-certificates. However, this does not fix the Mail.app error.

Mail.app uses tls just fine to get the mail in the first place over IMAP.

WS

More information about the Pkg-exim4-maintainers mailing list