On 9 May 2005 at 20:09, n-other@??? wrote about
"[exim] setting exim with custom aut":
| Hello all,
|
| I'm trying to setup exim, which will accept relaying only if
|
| 1) sender is our local user and he has authorized himself
Is the fact that he authorized himself sufficient, or do you also
want to prevent authorized users from specifying non-local addresses
in MAIL FROM: (which can have legitimate uses)?
| 2) we have received mail from any source, which should be delivered locally
|
| second part can be done easily, but I can't figure out how to do the first one.
| the main problem that acl_smtp_mail does not accept 'domains' condition, so I
| can't really know which user from the message is coming.
"domains" has to do with *recipient* addresses, not the sender
address. You can test the *sender's* domain in acl_smtp_mail with
the sender_domains condition. But the sender address is not
reliable, it can be anything the sending client says it is.
You can use condition "authenticated = *" to make sure the sender has
authenticated himself.
If you want to disallow sender address spoofing by authenticated
clients, use server_set_id in your authenticators to set
$authenticated_id to the username credential, then test that against
$sender_address in acl_smtp_mail.
- Fred
