[exim] restricting access to AUTH check based on user's IP

Top Page
Delete this message
Reply to this message
Author: Dave Lugo
Date:  
To: exim-users
Subject: [exim] restricting access to AUTH check based on user's IP
Hi,

I'm trying to configure exim (4.50) to check the username/password
pair only when the authenticated_sender is allowed to AUTH from
the connecting IP.

My goal is to be able to prevent AUTH dict attacks (or at least
lessen exposure to them) by restricting by rDNS name or CIDR
when the username/password pair is actually checked to see if
the password is good.

I realize I can set restrictions for this on a global basis, but
what I'm looking for is to be able to do on a per-user basic, by
looking at the name passed w/ AUTH and checking that user's list
of allowed auth hosts. I've been able to do just about everything
else with per-user granularity, but this one has me stumped. Yes,
I've been reading spec.txt. I'm a lot farther along w/ my exim
skills than two months ago, but compared to a lot of folks here,
that's not saying a lot :)

Suggestions gratefully received.

Best regards,

Dave

-- 
--------------------------------------------------------
Dave Lugo   dlugo@???    LC Unit #260   TINLC
Have you hugged your firewall today?   No spam, thanks.
--------------------------------------------------------
Are you the police?  . . . .  No ma'am, we're sysadmins.