Re: [exim] Sending mails without SMTP authentication

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: tower
Dátum:  
Címzett: Exim-Users
Tárgy: Re: [exim] Sending mails without SMTP authentication
On 10/13/2011 11:30 AM, tower wrote:
> On 10/13/2011 10:58 AM, W B Hacker wrote:
>> tower wrote:
>>> Hi
>>>
>>> I want to allow sending mail without authentication for single account.
>>> I'm trying to not add another IP to relay_from_hosts, beacuse many
>>> normal users send from that IP. How can I gently modify my acl.conf to
>>> do that?
>>>
>>>
>>> #************************************
>>> acl_check_mail_submission:
>>> #************************************
>>> accept hosts = +relay_from_hosts
>>> require message = Please turn on authentication in
>>> your email client.
>>> authenticated = *
>>> deny message = Mailbox $authenticated_id is
>>> disable. Please contact with number xx-xxxxxx
>>> condition = ${if eq \
>>> {0} \
>>> {${lookup mysql {SELECT
>>> active FROM mailbox \
>>> WHERE
>>> username='${quote_mysql:$authenticated_id}'} \
>>> }} \
>>> }
>>> control = dkim_disable_verify
>>> accept
>>>
>>>
>>
>> Have you considered using the same IP, and/or an uncommon port and
>> protocol for that one account?
>>
>> Non-routable IPv6 if local, for example.
>>
>> Even so, I'd want to use matching PEM certs.
>>
>> You only have to configure the submitter to do SOME form of auth ONCE.
>>
>> Opening the door to compromise OTOH, can lead to a great deal more work.
>>
>> HTH,
>>
>> Bill
>>
>>
> Unfortunately that account is configured on very old MFP, which is
> sending emails only to port 25 and of course without authentication.
>
> Can i use something like that:
>
> #************************************
> acl_check_mail_submission:
> #************************************
> accept hosts = +relay_from_hosts
> *accept local_parts = dumbaccount
> domains = example.com*
> require message = Please turn on authentication in your email client.
> authenticated = *
> deny message = Mailbox $authenticated_id is disable. Please contact
> with number xx-xxxxxx
> condition = ${if eq {0} {${lookup mysql {SELECT active FROM mailbox
> WHERE username='${quote_mysql:$authenticated_id}'}}}}
> control = dkim_disable_verify
> accept
>
> The order is right?
>

No, I can't do that, log says:

rejected MAIL dumbaccount@???: cannot test local_parts condition
in MAIL ACL