I have found another acceptable solution to the advertisement of SMTP
AUTH confusing clients that don't need to authenticate: run another
exim daemon, on an alternate port, that *always* requires
authentication. This other daemon runs as root (and does NO
deliveries), with local_domains = "", and has only one router which
uses normal SMTP to drop everything off directly at the normal SMTP
port.. That it's running as root also lets pam authentication to work
properly..
Clients that are or expect to be outside the authorized network, can
switch their 'outgoing mail' port, and configure to authenticate. Other
clients will not be affected.
However, it might be nice if I could have one exim daemon, listening to
BOTH ports, and applying different policy to each, instead of having to
run two (the permissions for PAM would have to be addressed seperately)
I beleive this is completely impossible at this time, but was wondering
if anyone else thought this would be useful? The config concept would
be to specify a set of listeners at specified ports, and then have all
options which affect "incoming SMTP policy" be associated with a
specific listener port..