Re: [Exim] TLS, AUTH and relaying (testing TLS support)

Author: Peter Radcliffe
Date:  
To: exim-users
Old-Topics: Re: [Exim] To those testing TLS support:
Subject: Re: [Exim] TLS, AUTH and relaying (testing TLS support)
Philip Hazel <ph10@???> probably said:
> On Mon, 9 Oct 2000, Peter Radcliffe wrote:
> > My question is, what happens if I decide I want to block on the DUL
> > list but want to be able to use tls/auth from my laptop from a random
> > IP in the DUL ? I'm assuming I'd have to run another exim instance
> > on another port to handle this :/
> Yes, I think that would be the only way to do that.


Looking at this some more, it would have to be on another IP, since
you can't easily specify ports to send to for windoze boxes (and some
of my users have windows boxes) and spare IPs on that subnet is not
something I have :/

I guess what I really want is an extension to /skiprelay to allow
connections if the machine can relay by authentication, which would
have to be done at a later stage in the SMTP conversation.
Wishlist ?

/skipauthrelay; reject any MAIL TO commands unless the host is in
host_relay or the host successfully authenticates ?


When I get a moment, now that I'm back home, I'm going to put the
testing release on a spare machine and push some mail through it and
try some more clients against it. Anyone know what mail clients other
than netscape will do SSL and AUTH ?


I'm also seeing an oddity with CRAM-MD5 - I fudged a config so my
laptop was sending some SMTP mail to itself and tested with exim
authenticating to exim, which worked fine with PLAIN and LOGIN
but when I tried the cram entry from the docs and put it first;

cram:
  driver = cram_md5
  public_name = CRAM-MD5
  hide server_secret = ${if eq{$1}{pir}{secret1}fail}
  hide client_name = pir
  hide client_secret = secret1

it never finished authenticating;

SMTP>> 250-disapp.pir.net Hello disapp.vm.pir.net [192.168.252.1]

250-SIZE 15728640
250-EXPN
250-PIPELINING
250-AUTH CRAM-MD5 PLAIN LOGIN
250 HELP
Calling SSL_read(80d1b00, 80e7000, 4096)
SMTP<< AUTH CRAM-MD5
SMTP>> 334 PDYyNTQuOTcxMTI1NjcxQGRpc2FwcC5waXIubmV0Pg==

tls_do_write(80d0000, 50)
SSL_write(SSL, 80d0000, 50)
outbytes=50 error=0

and there it hung. If I comment out cram and go back to the others, it
works fine. I'll set up the same test case between two machines when
I get that spare machine up, to double check. exim 3.165.

Thanks,
P.

-- 
pir                  pir@???                    pir@???