[Exim] Authentication problem

Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: Kostadin Kostadinov
Ημερομηνία:  
Προς: exim-users
Αντικείμενο: [Exim] Authentication problem
Hi guys,

According to exim docs it issues challenge to client which issues an
AUTH command, naming a specific mechanism (AUTH PLAIN for example).

Very briefly, the way SMTP authentication works is as follows:

    *


      The server advertises a number of authentication /mechanisms/ in
      response to the client's EHLO command.


    *


      The client issues an AUTH command, naming a specific mechanism.
      The command may, optionally, contain some authentication data.


    *


      The server may issue one or more /challenges/, to which the client
      must send appropriate responses. In simple authentication
      mechanisms, the challenges are just prompts for user names and
      passwords. The server does not have to issue any challenges - in
      some mechanisms the relevant data may all be transmitted with the
      AUTH command.


    *


      The server either accepts or denies authentication.


    *


      If authentication succeeds, the client may optionally make use of
      the AUTH option on the MAIL command to pass an authenticated
      sender in subsequent mail transactions. Authentication lasts for
      the remainder of the SMTP connection.


    *


      If authentication fails, the client may give up, or it may try a
      different authentication mechanism, or it may try transferring
      mail over the unauthenticated connection.


My question is how a can restrict clients/hosts that DO NOT issue AUTH
command since I dont want everyone to send through my SMPT server. In
other words i dont want to allow others to use my smtp server to relay
their messages except if they authenticate to the server. But how to
make them athenticate if they do not issue AUTH command? Obviously i
have to restrict clients that do not issue AUTH command. How can i do
that with Exim? (I dont want to restrict any IP in the Internet)

Thank you in advance.

Kosta