On Thu, 2004-12-16 at 11:12 -0600, Tommy Butler wrote:
> Nigel Metheringham wrote:
> > You make them authenticate.
> I can't believe that isn't the default! Oh my word. How do I enforce this? I
> want to make them authenticate, and I want them to only be able to send mail if
> they log in via a TLS connection.
Its not the default because theres no one way that even a substantial
minority of installations would want to do authentication.
Some people do authentication against the system password database.
That is a security risk - it can be used as a method to brute force the
password database without it appearing as attempted interactive logins.
Other people want to authenticate against a SQL database or a SASL
configured system or....
Some want TLS enforced, some want MSA enforced, others want something
different.
Many of my systems do not authenticate at all (local network relay
only).
As to how to do it... look at the documentation for your version of
exim. I certainly can't remember how to do this on a nearly 3 year
obsolete version.
Nigel.
--
[ Nigel Metheringham Nigel.Metheringham@??? ]
[ - Comments in this message are my own and not ITO opinion/policy - ]
