Apologies for the confusion ... let me try to be more specific:
On Fri, 2 Nov 2001, Philip Hazel wrote:
> You want people running an MUA from a random network to be able to
> relay if they are authenticated, and they must authenticate over TLS.
>
> So far, so good. You can do this by setting
>
> auth_over_tls_hosts = * <= must use TLS before AUTH
> host_auth_accept_relay = * <= may relay if authenticated
Yes. This is correct and functioning.
> > The problem with forcing authentication is that this forces remote SMTP
> > servers to authenticate,
>
> The word "force" here is confusing. As I said in an earlier message, you
> can't "force" the remote server to do anything. All you can do is to
> reject mail if they don't do something. So this is where I'm confused.
Okay. All I mean here is that if I say auth_hosts=* then nobody will be
able to receive mail, since foreign SMTP servers will not authenticate.
> > which none do, so no local mail is ever
> > delivered.
>
> What exactly to you mean by "local mail"? Exim should always accept mail
> for any domains in local_domains, whether or not the sending host is
> authenticated.
This does not appear to be the case. If I set auth_hosts=* I get:
MAIL FROM: ccurtis@???
530 Authentication required
Without bothering to find out where it's going to.
> > But what I can't do is make it force AUTH
> > if in TLS, which would solve the local->local problem.
>
> I'm not clear about what you mean by "local->local". Do you mean "host
> on local LAN relaying to another host on local LAN"? Or something to do
> with local mailboxes on the server in question? If the former, you can
> set hosts_accept_relay to allow hosts on your LAN to relay without any
> other conditions.
And if the latter ... ?
The whole scenario is this: This machine sits at an ISP on an isolated
network. There are these three conditions:
Sender Recipient Action
------ ---------- ------
non-local mail non-local mail reject
non-local mail local mail deliver if remote_sender valid (callback)
local mail remote mail require TLS, authentication; deliver
local mail local mail require TLS, authentication; deliver
What I have is this:
Sender Recipient Action
------ ---------- ------
non-local mail non-local mail reject
non-local mail local mail deliver if remote_sender valid (callback)
local mail remote mail require TLS, authentication; deliver
local mail local mail deliver
Now, the connection will not be made from the local machine, nor from the
local LAN, nor from any predermined LAN. Support staff will be traveling
and connecting from many unknown networks, all of which are untrusted.
And everything works fine unless joe@??? sends email to fred@???
over this LAN, because exim doesn't say 'you must use TLS' and 'you must
authenticate yourself'. auth_if_relay is fine, but I need something along
the lines of auth_if_local_email. That would solve everything.
What I was thinking of before, is that you can force your mail client to
always use TLS and I wanted exim to say 'if you are using TLS, you must
authenticate to send mail anywhere', but that's not ideal I now see.
This would also have the added problem that spammers could abuse this by
finding a local account, using TLS, not authenticate, and spam everyone at
this host, or just forge email in general. I'd like to prevent that as
well as best I can.
Hope this clears the problem space up some,
Chris
