Auteur: W B Hacker Date: À: exim users Sujet: Re: [exim] Sending mails without SMTP authentication
tower wrote: > Hi
>
> I want to allow sending mail without authentication for single account.
> I'm trying to not add another IP to relay_from_hosts, beacuse many
> normal users send from that IP. How can I gently modify my acl.conf to
> do that?
>
>
> #************************************
> acl_check_mail_submission:
> #************************************
> accept hosts = +relay_from_hosts
> require message = Please turn on authentication in
> your email client.
> authenticated = *
> deny message = Mailbox $authenticated_id is
> disable. Please contact with number xx-xxxxxx
> condition = ${if eq \
> {0} \
> {${lookup mysql {SELECT
> active FROM mailbox \
> WHERE
> username='${quote_mysql:$authenticated_id}'} \
> }} \
> }
> control = dkim_disable_verify
> accept
>
>
Have you considered using the same IP, and/or an uncommon port and
protocol for that one account?
Non-routable IPv6 if local, for example.
Even so, I'd want to use matching PEM certs.
You only have to configure the submitter to do SOME form of auth ONCE.
Opening the door to compromise OTOH, can lead to a great deal more work.