Re: [exim] AUTH over TLS only

Página Principal
Apagar esta mensagem
Responder a esta mensagem
Autor: Marc Haber
Data:  
Para: exim-users
Assunto: Re: [exim] AUTH over TLS only
On Thu, 1 Dec 2005 05:55:04 -0600, Mark Nipper <nipsy@???>
wrote:
>tls_advertise_hosts = *
>auth_advertise_hosts = ${if eq{$tls_cipher}{}{}{*}}
>
>The second directive in particular is what does it.
>
>        Now, someone much more knowledgeable about such things
>than me will have to say whether that actually prevents a client
>from ignoring exim and attempting to authenticate anyway without
>TLS. 


It should prevent a well-behaved client from authenticating since it
does only advertise AUTH over encrypted connections. Of course, a very
broken client who insists to authenticate even to a server that
doesn't advertise AUTH is not prevented.

Greetings
Marc

-- 
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber         |   " Questions are the         | Mailadresse im Header
Mannheim, Germany  |     Beginning of Wisdom "     | http://www.zugschlus.de/
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834