[Exim] Using "authenticated = *"

Morning folks
Just a quick public thanks to Nico for his input a week or two back into
condition combining - it was very educational!

I've got my new mail server up and running now - just migrated all the
users across and just about everything is working: couple of niggles to
sort out still, the most urgent of all being SMTP auth, which, while it
is working (the auth part), my intention was to exempt all authenticated
smtp connects from the ACL checks.

Right now I'm doing the usual checks against one or two DNSBL's, which
is, as expected, bouncing smtp connects appropriately. However, I'm
also bouncing smtp connects from SMTP authenticated users, which was not
my intention. From the manual, I gather I need to probably prefix my
entire ACL section with something like:

if !(authenticated = *)

do I not?

Or is it simply a question of putting "authenticated = *" in the config
file? If I do this, will it not bounce all unauthenticated mail even
from valid sources?

Sorry for the fuzzy question: after a hectic day yesterday ironing out
the changeover to the new machine I still was up every hour last night
tending to my youngest and allegedly dearest bairn suffering from the
excessive heat - things are not as clear this morning as they normally
are, which is not all that clear at the best of times anyway . . . :-)

Thanks for your time
Konrad