Re: [exim] forcing smtp

Top Page
Delete this message
Reply to this message
Author: Darren H Jacobs
Date:  
To: exim-users
Subject: Re: [exim] forcing smtp
Thanks for the feed back guys. I actually figured out how to do it in a
somewhat less efficient manner but it has the benefit of giving separate
error messages for lack of tls and lack of authentication so the user
gets a more descriptive error if they're missing one or the other:


--
.
.
.
deny
     condition = ${if and{{eq{$interface_port}{587}} {eq{$tls_cipher}{}} } }
     message   = All port 587 connections must use TLS


 deny
     condition = ${if and{{eq{$interface_port}{587}} 
{eq{$sender_host_authenticated}{}} } }
     message   = All port 587 connections must be Authenticated
.
.
.


--


Darren....



Renaud Allard wrote:
> Mike Cardwell wrote:
>
>> Darren Jacobs wrote:
>>
>>
>>> I'd like to force users sending mail to the smtp submission port 587
>>> to (1) be forced to use tls and (2) be force to authenticate. In
>>> the acl_check_rcpt I have the rule:
>>>
>>> --
>>> deny
>>>       condition = ${if and{{eq{$interface_port}{587}} {eq{$tls_cipher} 
>>> {}} } }
>>>       message   = All port 587 connections must use TLS
>>> --

>>>
>>> which works fine to force people to use tls on port 587 users but I'm
>>> not sure how to go about point (2).
>>>
>> deny condition      = ${if eq{$interface_port}{587}}
>>       !authenticated = *
>>       message        = You must be authenticated to submit mail over 
>> port $interface_port

>>
>>
>
> You have been faster than me, I was just correcting my post to put the same ACL
> as you.
>