Re: [exim] AUTH over TLS only

Alan J. Flavell ha scritto:
> On Sat, 4 Feb 2006, Marco wrote:
>
>
>> Can I send a custom SMTP error (ex. You must use an encrypted
>> session!!), when exim4 reject an non-encrypted authentication
>> session?
>>
>
> Do you mean something like this?
>
>
> acl_smtp_auth = check_security
>
> [...]
>
> ###########################################
> # ACL that is used after the AUTH command #
> ###########################################
> check_security:
> # We'll only accept an AUTH if it's going to be secure. (In fact we don't
> # advertise it unless that's the case!)
> accept encrypted = *
>
> deny message = Encryption required for authenticated sending.
>
>
> I don't see a single instance of this message triggered in our entire
> archived logs, so it looks as if clients are behaving correctly, in
> accordance with the fact that we're only advertising auth when TLS is
> in effect.
>
> regards
>
I Alan,
I have try with your options, but Exim don't send the "Encryption
required for authenticated sending"
with an SMTP error (ex. code 5xx Encryption required for authenticated
sending) to client.

I look this message only on my log. Can Exim send an SMTP error (ex.
code 5xx Encryption required for authenticated sending)
to client?

Your acl replace the option "auth_advertise_hosts = ${if
eq{$tls_cipher}{}{}{*}}"?

Thanks
Marco