Re: [Exim] Forcing tls authentication

Top Page
Delete this message
Reply to this message
Author: Christopher Curtis
Date:  
To: Philip Hazel
CC: Exim Users Mailing List
Subject: Re: [Exim] Forcing tls authentication
On Sat, 3 Nov 2001, Philip Hazel wrote:

> On Sat, 3 Nov 2001, Christopher Curtis wrote:
>
> > Ahh ... the problem really lies here: When Mozilla goes into TLS mode, it
> > absolutely will not volentarily authenticate. If tls_host_accept_relay
> > doesn't list the host, it returns a 550 relaying denied. I want it to say
> > 530 must authenticate instead. Because of this, I will relay for anyone
> > who uses TLS and a valid sender, even if they are not authenticated.
>
> Sounds as if this may be related to auth_always_advertise.


I have auth_always_advertise defaulted to true (per the docs) and in TLS
mode Exim does say it supports 'AUTH LOGIN'. But the client doesn't do it
volentarily, and Exim doesn't say, "No, no, you MUST authenticate". This
problem exists with Mozilla (and there is an outstanding bug for it) but
we can't rely on every MUA to not be broken =)

Chris