Re: [exim] Using multiple SMTP AUTH drivers

Top Page
Delete this message
Reply to this message
Author: Adam Nielsen
Date:  
To: exim-users
Subject: Re: [exim] Using multiple SMTP AUTH drivers
> > Is there some way to configure multiple authentication drivers with
> > Exim, such that they are tried in order until one is found that
> > succeeds?
>
> No, but the condition used for approval can use `or`.
>
> It's `or{{cond1}{cond2}...{condN}}`
>
>     server_condition = ${if or{\
>       {${lookup WHATEVER1}}\
>       {${lookup WHATEVER2}}\
>       }}


Thanks for your reply! I'm not quite sure I understand how I could use
this however. My understanding is:

* The plaintext authenticator uses server_condition for the final
yes/no, however if this fails because the credentials supplied are
Dovecot ones, there doesn't appear to be a way to call the
driver=dovecot for it to attempt verification.

* The dovecot authenticator only seems to use server_condition after
verifying the user's credentials as an additional check[1], so if
plaintext credentials are supplied they will fail Dovecot auth and
the server_condition will never be evaluated.

Is this correct or am I missing something?

Thanks again,
Adam.

[1]
http://www.exim.org/exim-html-current/doc/html/spec_html/ch-smtp_authentication.html#SECID168
"For the other [not plaintext or gsasl] authenticators,
server_condition can be used as an additional authentication or
authorization mechanism that is applied after the other authenticator
conditions succeed."