[Exim] encrypted auth, except for one user

This is a multi-part message in MIME format.
--
[ Picked text/plain from multipart/alternative ]
Hi

How would i make it so that all users but one have to auth via an
encrypted connection?

I currently have this in my acl_check_auth:

acl_check_auth:

   accept local_parts = mobile
   accept encrypted = *
   accept condition = ${if eq {${uc:$smtp_command_argument}}\
                      {yes}{no}}
   deny message  = TLS encryption required

thanks
Simon
--