Re: [exim] AUTH over TLS only

Top Page
Delete this message
Reply to this message
Author: Mark Nipper
Date:  
To: Warren Howard
CC: exim-users
Subject: Re: [exim] AUTH over TLS only
On 01 Dec 2005, Warren Howard wrote:
> Is there a way in Exim to setup matching functionality to Postfix's
> "smtpd_tls_auth_only = yes" option? I've read through
> http://www.exim.org/exim-html-4.50/doc/html/spec_38.html#IX2419 and the
> closest matching option I can find is "hosts_require_tls" which is not
> what I want.


        I'm using this in my configuration file to achieve that:
---
tls_advertise_hosts = *
auth_advertise_hosts = ${if eq{$tls_cipher}{}{}{*}}


The second directive in particular is what does it.

        Now, someone much more knowledgeable about such things
than me will have to say whether that actually prevents a client
from ignoring exim and attempting to authenticate anyway without
TLS.  But I don't think there is much helping that on the exim
side anyway if the client just insists on acting stupidly.


-- 
Mark Nipper                                                e-contacts:
832 Tanglewood Drive                                nipsy@???
Bryan, Texas 77802-4013                     http://nipsy.bitgnome.net/
(979)575-3193                      AIM/Yahoo: texasnipsy ICQ: 66971617


-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GG/IT d- s++:+ a- C++$ UBL++++$ P--->+++ L+++$ !E---
W++(--) N+ o K++ w(---) O++ M V(--) PS+++(+) PE(--)
Y+ PGP t+ 5 X R tv b+++@ DI+(++) D+ G e h r++ y+(**)
------END GEEK CODE BLOCK------

---begin random quote of the moment---
"I know the forces of spontaneous, emergent life are stronger
than the forces of evil, repression and death, and the forces of
death will destroy themselves."
-- William S. Burroughs
----end random quote of the moment----