Gedalya via Exim-users <exim-users@???> (So 07 Feb 2021 09:20:43 CET):
>
> acl_check_rcpt_submit:
As you pointed out in your other message: yes, it should be in the
acl_smtp_mail ACL section, if you want to check for successful
authentication prior the MAIL command.
>
> require
> message = Secure authentication is required
> condition = ${if eq{$tls_cipher}{}{no}{yes}}
> authenticated = *
The `condition = … tls_cipher` can be omitted, if your authenticator
itself requires a secure connection, like in most examples.
I'd do it that way:
-------------------------
# allow overriding the macro on the commandline like in
# swaks … --pipe 'exim -DIS_TLS=true -bh …'
.ifndef IS_TLS
IS_TLS = ${if !eq{$tls_in_cipher}{}}
.endif
begin acl
acl_check_mail:
require message = please authenticate first
authenticated = *
require message = please use a secure transport
condition = IS_TLS
begin auth
plain:
driver = plain
server_advertise_condition = IS_TLS
-------------------------
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: F69376CE -