Re: [Exim] encrypted auth, except for one user

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Jonathan Vanasco
Dátum:  
Címzett: Andreas Metzler
CC: 'Exim Users Mailing List'
Tárgy: Re: [Exim] encrypted auth, except for one user
this is probably a more roundabout way, but...

receive non-encrypted messages on a non-standard port (8026 or
something)...
then have a separate auth for that

this way, you don't even bother with ssl/non ssl on the same port

i'm picky and crazy like that though.

On Thursday, October 2, 2003, at 06:04 AM, Andreas Metzler wrote:

> On Wed, Oct 01, 2003 at 04:47:20PM +0100, Simon Bell wrote:
>> How would i make it so that all users but one have to auth via an
>> encrypted connection?
>>
>> I currently have this in my acl_check_auth:
>>
>> acl_check_auth:
>>
>>    accept local_parts = mobile
>>    accept encrypted = *
>>    accept condition = ${if eq {${uc:$smtp_command_argument}}\
>>                       {yes}{no}}
>>    deny message  = TLS encryption required

>
> Perhaps you can check whether $server_set_id matches the username,
> another possibility might be to use some clever expansion for
> server_condition instead of "accept encrypted = *" that is forced to
> fail if the connection is not encrypted and the user is not the
> specific one.
>
> BTW I do not understand your "accept condition", I think it is buggy,
> it
> will _always_ return the empty string, it tests whether
> $smtp_command_argument converted to uppercase is the string "yes" and
> would then return "no", otherwise it returns an empty string, because
> | The second string need not be present; if it is not and the condition
> | is not true, the item is replaced with nothing.
>           cu andreas
> --
> "See, I told you they'd listen to Reason," [SPOILER] Svfurlr fnlf,
> fuhggvat qbja gur juveyvat tha.
> Neal Stephenson in "Snow Crash"

>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users
> Exim details at http://www.exim.org/ ##
>