On Mon, 2004-04-26 at 15:43 +0100, Peter Bowyer wrote:
> Not sure I agree - it only takes one extra ACL test to listen on both and
> reject on 587 if not authenticated - something like this which was posted by
> Bruce Richardson on 11th April:
>
> accept hosts = +auth_relay_hosts
> condition = ${if eq {$interface_port}{587} {yes}{no}}
> endpass
> message = relay not permitted, authentication required
> authenticated = *
Now for another wrench that we ran into... Is there a way to get Exim
to do traditional SSL on 587? We don't want to send auth data in
cleartext, and the major email clients can't do TLS except on port 25.
I've used Thunderbird with TLS on non-25 ports -- but Outlook and Apple
Mail seem to use this algorithm:
If (ssl && port 25)
TLS
Else If (ssl)
Raw SSL
Else
SSL Disabled
And AFAIK, Exim only does TLS.
--
Craig Kelley <ckelley@???>
In-Store Broadcasting Network