Re: [Exim] conceptual auth problem

Top Page
Delete this message
Reply to this message
Author: Dave C.
Date:  
To: Tamas TEVESZ
CC: exim-users
Subject: Re: [Exim] conceptual auth problem
I think section 35.5 of the spec is what you are looking for.. It seems
to describe exactly what you need, although with a slightly different
mechanism..

You only put the hosts in the 'authenticate_hosts' (which is in fact
exactly the option you use in the transport config..)

Then take a look at sections 36.2 and 37.2..

Then, when exim connects to any server specified there, that announces
auth support, it look for an auth method in your list of configured
authenticators which matches.

Remember that the variables
$remote_host and $remote_host_address are available for expansions. in
the client_send option of the plaintext authenticator, and the
client_name and client_secret options.

If you have different user/pass combinations for different servers, you
would have to use them in, for example, an lsearch lookup witht he
remote host name or IP as the key



On Fri, 7 Dec 2001, Tamas TEVESZ wrote:

>
> hi,
>
> i think i'm having a conceptual misunderstanding with asmtp.
>
> when exim acts only as a client - fine, when only as a server - fine,
> when both a client and a server where it has to authenticate itself to
> one and only one other server (say a smarthost) - fine.
>
> but what if i have several smarthosts (say as fallback smarthosts),
> which all require me to authenticate myself, but i have different
> account names and passwords on them (let alone what if they
> require different kinds of authentication) ?
>
> the problem is i can't even illustrate properly what am i missing.
> the way i think it would make more sense is that the authenticators
> section should only include the configuration for exim as the auth
> server, and the client part should go someplace else, maybe directly
> into the transport. if it were so, i could easily do something like:
>
> remote_smtp:
>   driver = smtp
>   authenticate_hosts = smarthost1 ^ username1 ^ password1 : \
>     smarthost2 ^ username2 ^ password2

>
> (never mind the actual syntax, i'm just trying illustrate my point).
>
> so, if smtp connects to smarthost1, it would use username1/username2,
> same goes for smarthost2/username2/password2... you get the idea.
>
> i realize this as it is still leaves the method open, but first i'd
> like to ask for some help to express my problem :) (you know it feels
> kind of weird when you don't understand what don't you understand,
> and can't ask it because you don't understand it...).
>
> i think what i'd like to see here is an expandable authenticate_hosts
> (or maybe an authenticate_hosts_file ?), with falling back to no
> authentication when no matching hosts are found ?
>
> anyone with a hand ? it's ok to tell me to buzz off, but please
> include some explanation then :)
>
> i feel like dumbest...
>
> thanks a lot,
>
>


--