Re: [Exim] Forcing authenticated connections over TLS

Góra strony
Delete this message
Reply to this message
Autor: Steve Haslam
Data:  
Dla: exim-users
Temat: Re: [Exim] Forcing authenticated connections over TLS
On Fri, Oct 11, 2002 at 10:20:55AM +0100, Clive McDowell wrote:
> Folks,
>
> I'm trying to set up an ACL which does this for all authenticated connections. I've set up an acl_smtp_auth procedure as in the manual i.e.
>
> acl_check_auth:
>
> accept encrypted = *
> deny message = TLS encryption required
>
> This works in that the error message appears in the main log but the following acl_check_rcpt ACL allows the connection anyway. How do I prevent the acl_check_rcpt from being run if acl_check_auth has rejected the connection? Sorry if I'm missing something obvious here.


I'm not amazingly au fait with ACLs yet, but wouldn't a "deny" action in
acl_check_auth simply deny the AUTH command?

So you could add a rule to acl_check_rcpt to reject RCPT commands unless
they are encrypted or authenticated, if that's your policy.

Or perhaps there is an action other than "deny" to do what you want in
acl_check_auth?

SRH
--
Steve Haslam      Reading, UK                           araqnid@???
Debian GNU/Linux Maintainer                               araqnid@???
Your heart has been ruptured and it will never heal
To get another heart you'll have to steal                    [leæther strip]