Re: [exim] Using multiple SMTP AUTH drivers

Top Page
Delete this message
Reply to this message
Author: Merlin Hartley
Date:  
To: Adam Nielsen
CC: exim-users
Subject: Re: [exim] Using multiple SMTP AUTH drivers
How about saslauthd?
https://github.com/Exim/exim/wiki/AuthenticatedSmtpUsingSaslauthd


M
--
Merlin Hartley


On 17 Mar 2017, at 03:31, Adam Nielsen <a.nielsen@???> wrote:

>>> Is there some way to configure multiple authentication drivers with
>>> Exim, such that they are tried in order until one is found that
>>> succeeds?
>>
>> No, but the condition used for approval can use `or`.
>>
>> It's `or{{cond1}{cond2}...{condN}}`
>>
>>    server_condition = ${if or{\
>>      {${lookup WHATEVER1}}\
>>      {${lookup WHATEVER2}}\
>>      }}

>
> Thanks for your reply! I'm not quite sure I understand how I could use
> this however. My understanding is:
>
> * The plaintext authenticator uses server_condition for the final
> yes/no, however if this fails because the credentials supplied are
> Dovecot ones, there doesn't appear to be a way to call the
> driver=dovecot for it to attempt verification.
>
> * The dovecot authenticator only seems to use server_condition after
> verifying the user's credentials as an additional check[1], so if
> plaintext credentials are supplied they will fail Dovecot auth and
> the server_condition will never be evaluated.
>
> Is this correct or am I missing something?
>
> Thanks again,
> Adam.
>
> [1]
> http://www.exim.org/exim-html-current/doc/html/spec_html/ch-smtp_authentication.html#SECID168
> "For the other [not plaintext or gsasl] authenticators,
> server_condition can be used as an additional authentication or
> authorization mechanism that is applied after the other authenticator
> conditions succeed."
>
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/