Re: [exim] Strange authentication

Top Page
Delete this message
Reply to this message
Author: Graeme Fowler
Date:  
To: exim-users
Subject: Re: [exim] Strange authentication
On Fri, 2007-04-27 at 22:45 +0200, Steffen Heil wrote:
> I want to do the following: I want to set authentication depending on the
> MAIL FROM command.
>
> For example:
> MAIL FROM: a,b,c
> should do the same as:
> USER a
> PASS b
> MAIL FROM: c


Hrm. Strictly speaking, the answer is a resounding no because you'd be
in breach of RFC2821 with this syntax. To condense the relevant clause:

MAIL FROM:<local_part@fqdn>

is the syntax. So what you'd require is a MAIL FROM of:

MAIL FROM:<user,pass,local_part@fqdn>

You may need some other separator (I'm unsure as to whether a comma is a
permitted character in a local part), and note that you must then ensure
that your users don't use the separator character in their passwords as
it will break the split when you process it further. In fact, there's a
whole world of pain waiting for you there - the point of the SMTP AUTH
extension is that, generally speaking, the password is encoded in some
way (Base64 normally) which prevents character "assassination" (excuse
the pun) by special or unusual characters.

> The idea is to use authentication with clients that cannot do smtp auth (a
> motorola v3xx cell phone in my case).


As Renaud said, the phones can do SMTP AUTH already. Unless you have a
"special case".

> Can this be done?


Probably, but it's far too complicated for me to try doing at this time
of the day :)

> Can I set sender and authenticated_id somehow?


Probably not. You'd need to be inside the AUTH area to do that, and
you're trying not to be.

> And no, I do not want to use SMTP after POP.
> And yes, everything is SSL-encrypted already.


Well, that's a relief. Isn't it?

Graeme