On Wed, Oct 01, 2003 at 04:47:20PM +0100, Simon Bell wrote:
> How would i make it so that all users but one have to auth via an
> encrypted connection?
>
> I currently have this in my acl_check_auth:
>
> acl_check_auth:
>
> accept local_parts = mobile
> accept encrypted = *
> accept condition = ${if eq {${uc:$smtp_command_argument}}\
> {yes}{no}}
> deny message = TLS encryption required
Perhaps you can check whether $server_set_id matches the username,
another possibility might be to use some clever expansion for
server_condition instead of "accept encrypted = *" that is forced to
fail if the connection is not encrypted and the user is not the
specific one.
BTW I do not understand your "accept condition", I think it is buggy, it
will _always_ return the empty string, it tests whether
$smtp_command_argument converted to uppercase is the string "yes" and
would then return "no", otherwise it returns an empty string, because
| The second string need not be present; if it is not and the condition
| is not true, the item is replaced with nothing.
cu andreas
--
"See, I told you they'd listen to Reason," [SPOILER] Svfurlr fnlf,
fuhggvat qbja gur juveyvat tha.
Neal Stephenson in "Snow Crash"
