On Thu, 8 Feb 2007, John Robinson wrote:
> > Reject the AUTH command when you don't want it rather than later in
> > server_condition.
>
> I'm not sure I can, or I'm misunderstanding you. I think I have to allow
> AUTH attempts from anyone, anywhere, and it's not until the
> authenticators run that I can extract and examine the user details to
> discover whether it's one of my insecure, untrusted users
Oh, sorry, yes, my misunderstanding. Shouldn't leap in so quickly...
--
Philip Hazel University of Cambridge Computing Service
Get the Exim 4 book: http://www.uit.co.uk/exim-book
