[exim] logging AUTH before MAIL

Top Page
Delete this message
Reply to this message
Author: Warwick Brown
Date:  
To: 'exim-users@exim.org'
Subject: [exim] logging AUTH before MAIL
Hi All,

I have an issue I've been trying to resolve but so far with no joy.

It occurs to me that an SMTP AUTH attacker will attempt to authenticate, but no log message is written indicating an authentication until an actual mail is accepted for relay. If I was an authentication attacker, once I'd made a good authentication, I wouldn't bother sending a MAIL command, and here lies the problem - how do you log a successful authentication for a user which has not yet sent a mail?

I've tried to set-up an acl_smtp_auth and smtp_mailauth ACL with warn/accept for acl_[mc][01]/logwrite/log_message actions but without success.

Does anyone have any recipies to log an authentication once the auth command has completed (and before a MAIL command is issued)?

I'd be much in gratitude to your response.

Regards,

Warwick