Re: [Exim] Forcing authenticated connections over TLS

Top Page
Delete this message
Reply to this message
Author: Steve Haslam
Date:  
To: exim-users
Subject: Re: [Exim] Forcing authenticated connections over TLS
On Fri, Oct 11, 2002 at 10:20:55AM +0100, Clive McDowell wrote:
> Folks,
>
> I'm trying to set up an ACL which does this for all authenticated connections. I've set up an acl_smtp_auth procedure as in the manual i.e.
>
> acl_check_auth:
>
> accept encrypted = *
> deny message = TLS encryption required
>
> This works in that the error message appears in the main log but the following acl_check_rcpt ACL allows the connection anyway. How do I prevent the acl_check_rcpt from being run if acl_check_auth has rejected the connection? Sorry if I'm missing something obvious here.


I'm not amazingly au fait with ACLs yet, but wouldn't a "deny" action in
acl_check_auth simply deny the AUTH command?

So you could add a rule to acl_check_rcpt to reject RCPT commands unless
they are encrypted or authenticated, if that's your policy.

Or perhaps there is an action other than "deny" to do what you want in
acl_check_auth?

SRH
--
Steve Haslam      Reading, UK                           araqnid@???
Debian GNU/Linux Maintainer                               araqnid@???
Your heart has been ruptured and it will never heal
To get another heart you'll have to steal                    [leæther strip]