Scratching an itch to make $subject easier, I coded up
an Exim authenticator driver which is _not_ supporting
ESMTP Authentication.
You get "esmtpsa" in log lines and the
ACL "authenticated" condition, and can set the
$authenticated_id variable.
It runs immediately after a TLS negotiation; example
use is:
=============
begin authenticators
tls:
driver = tls
server_param1 = ${certextract {subj_altname,mail,>:} \
{$tls_in_peercert}}
server_condition = ${if forany {$auth1}\
{!= {0} \
{${lookup ldap{ldap:///\
mailaddr=${quote_ldap_dn:${lc:$item}},\
ou=users,LDAP_DC?mailid} {$value}{0} \
} } } }
server_set_id = ${if = {1}{${listcount:$auth1}} {$auth1}{}}
==============
Code at:
http://git.exim.org/users/jgh/exim.git/shortlog/refs/heads/tls_auth
Any interest?
--
Jeremy
