On 26/11/17 09:46, Torsten Tributh via Exim-users wrote: > Hi,
> in RC2 the acl_smtp_auth will be called in more cases
> than just AUTH.
> I see a lot of connects where the AUTH-acl will be called
> directly after STARTTLS in the smtp stream.
If your exim is build with the AUTH_TLS option, and the client
presents a client certificate which verifies, and an SMTP command
AUTH has not yet been done, and you have an Auth ACL:
it'll be called after STARTTLS (or on TLS-on-connect).
If the ACL returns accept, then the set of authenticators
will be checked for any with driver "tls".
> I also recognized that in these cases the AUTH-acl will also be called
> after ACL-DATA.
That's probably a (minor) bug. Thanks for pointing it out.
--
Cheers
Jeremy