Re: [Exim] Authenticated sender

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Philip Hazel
Datum:  
To: David Saez
CC: exim-users
Betreff: Re: [Exim] Authenticated sender
On Mon, 28 Jul 2003, David Saez wrote:

> > Yes, the client must successfully authenticate before Exim will trust
> > the value of AUTH on an SMTP MAIL command.
>
> Why not let some acl decide if it could be trusted or not ?


This code is essentially unchanged since Exim 3, which did not have
ACLs. So the answer to your question is "because I did not think of that
when ACLs were added to Exim".

I have put this on the Wish List. I suppose what is needed is something
like a "mailauth" ACL, which would default to

accept authenticated = *

for backwards compatibility.

> A way to set it from within a transport could be useful, at least if
> your proposal to Meng Weng Wong about using MAIL AUTH in SPF is
> accepted (at least it looks great to me).


1. There already is an authenticated_sender option for the smtp transport.

2. Meng Weng Wong tried to reply to me, but unfortunately the message
was sent from a different address and it got caught in my spam defences
because it wasn't on my white list. So I don't know the reaction to that
idea (which was just an idea that struck me - I do not intend to get
involved in designing SPF).

--
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.
Get the Exim 4 book:    http://www.uit.co.uk/exim-book