* on the Thu, Dec 21, 2006 at 10:33:54AM +0100, mirdin wrote:
> How can I allow only certain e-mail users (or domains) to use SMTP
> Authentication?
Authentication takes place before the sender address is known. Therefore,
you must allow all users to attempt authentication initially. In the
sender acl you can then do the check. Something like:
deny authenticated = *
!condition = ${if eq{$sender_address_domain}{allowedtoauth.foo}}
However, if the domain you want to filter on is in the actual username sent
during authentication, you can just take that into account in the
server_condition part of your variable.
If you want to limit by ip instead of sender email address domain,
that's much more simple. You use the server_advertise_condition option
in your authenticator(s)
If you provide a little more info on exactly what is being filtered on,
and show us your current authenticator(s), someone should be able to
tell you exactly what to change.
Mike