Re: [exim] mysql authentication problem...

Top Page
Delete this message
Reply to this message
Author: John Doe
Date:  
To: exim-users
Subject: Re: [exim] mysql authentication problem...
From: Phil Pennock <exim-users@???>
> Since you're on 4.63, you can also use $auth2 instead of $2, for clarity
> (just double-checked, the clearer names were introduced in 4.61).


done, thx.

>> I have another question: how can I allow only encrypted/authenticated
>> connections?
>
> In the ACL logic for the MAIL or RCPT commands, you write rules which
> state that if not on port 25, then you "require" an encrypted connection
> and you require that $authenticated_id be set; that's part of what your
> using server_set_id buys you.
>
> RCPT probably better, some clients allegedly get confused if the MAIL
> command fails.
>
> The cleanest way of doing it is likely to be to have a sub-ACL for doing
> the check, which returns accept for port 25, or for both authenticated
> and encrypted, else returns reject, and then use "require acl = ..." in
> the RCPT logic.


Hum... I must say that I have very poor knowledge of exim syntax...
Been using copy/paste so far. Something like the following?

PORT25 = ${if ={25}{$interface_port}}
PORT587 = ${if ={587}{$interface_port}}

acl_check_rcpt:
deny    message       = TLS required
            condition       = PORT25 : PORT587


Or would that block too much?
I understand that the following will prevent other servers to connect...?

acl_smtp_mail:
  deny   !encrypted  = *
             message    = TLS required
  accept


Thx,
JD