On Thu, Oct 16, 2003 at 11:52:22AM +0100, Dennis Davis wrote:
> From: Oliver Egginger <Oliver.Egginger@???>
[...]
>> accept domains = +relay_to_domains
>> accept authenticated = *
>>
>> deny message = relay not permitted
[...]
>> This seems to work fine but authenticated users can use every address
>> they like. How can I restrict them to local addresses (domains) ??
>> Every hint would be appreciated.
>
> Use a ACL variable. You can have:
>
> warn authenticated = *
> set acl_m0 = 1
>
> to determine whether or not an incoming message is authenticated.
> Subsequent acl fragments can then use:
>
> condition = ${if def:acl_m0 {yes}{no}}
>
> to differentiate between authenticated and unauthenticated messages.
Why? Afaict there is absolutely no advantage in following your
suggestion and using "condition = ${if def:acl_m0 {yes}{no}}" instead
of "authenticated = *", it just obfuscates the configuration.
cu andreas
