Autor: Harald Schueler Data: A: exim-users Assumpte: [Exim] Exim 4 and AUTH over TLS only
When trying to convert our outgoing servers to Exim 4, I noticed that
"auth_over_tls_hosts" is gone (handled by ACLs). Unfortunately AUTH is
now always advertised, even if it is only possible over TLS. This leads
to the well-known Netscape-problems: This time the clients which were
not configured to do either TLS or AUTH, nevertheless try to AUTH over
the unencrypted channel, and fail ("need TLS before AUTH"). With Exim 3
we had "auth_over_tls_hosts = *" and so AUTH was only seen when
connecting over TLS.
Is there a way to get this behaviour back in Exim 4?
(I tried advertising AUTH only to clients which really have to AUTH to
be allowed to relay, but this lead to other problems with roaming
notebooks (sometimes on our network, sometimes over other ISPs) and mail
clients which use fixed settings for TLS and AUTH, and which depend on
seeing AUTH, once configured to authenticate to the server.)
--
Harald Schueler