On Sat, 3 Nov 2001, Christopher Curtis wrote:
> > Well, as I said earlier, you can't actually say that to a client. All
> > you can do (all the protocol specifies) is to refuse to accept messages
> > from it. So I think your problem is with your client. If Exim advertises
> > AUTH LOGIN that's the best it can do. Exim 4 isn't going to help here,
> > because there's no other mechanism in SMTP.
>
> Well, I disagree, I think: Exim 4 should be able to report an error like
> '530: not authorised', like it does for the non-TLS sessions. The
> mechanism is there - I've seen it - just not for TLS alone.
Yes, Exim 4 will be able to do that. But that doesn't force the client
to authorise if the client doesn't want to. You may find that the client
just bounces the message when it gets a 5xx error for a RCPT command.
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.