Author: Clive McDowell Date: To: exim-users Subject: Re: [Exim] Forcing authenticated connections over TLS
----- Original Message -----
From: "Philip Hazel" <ph10@???>
To: "Clive McDowell" <C.McDowell@???>
Cc: "exim-users" <exim-users@???>
Sent: Friday, October 11, 2002 4:39 PM
Subject: Re: [Exim] Forcing authenticated connections over TLS
> On Fri, 11 Oct 2002, Clive McDowell wrote:
>
> > I'm trying to set up an ACL which does this for all authenticated
> > connections. I've set up an acl_smtp_auth procedure as in the manual
> > i.e.
> >
> > acl_check_auth:
> >
> > accept encrypted = *
> > deny message = TLS encryption required
> >
> > This works in that the error message appears in the main log but the
> > following acl_check_rcpt ACL allows the connection anyway. How do I
> > prevent the acl_check_rcpt from being run if acl_check_auth has
> > rejected the connection? Sorry if I'm missing something obvious here.
>
> That ACL just controls the AUTH command.
>
> If you want to reject messages from unauthenticated connections, you
> need an ACL that runs at RCPT time which tests the "authenticated"
> condition.
Great - just needed to move the 'accept authenticated = *' line above the 'accept hosts' line in acl_check_rcpt. Thanks for this Philip.
Clive McDowell
Information Services
The Queen's University of Belfast