{false}}:>)
m4_define(<:ALLOW_PLAINTEXT_AUTH_P:>,
-<:or {{match_ip {$sender_host_address}{+localnet}} \
+<:or {{match_ip {$sender_host_address}{+thishost}} \
{and {{def:tls_cipher} {eq{$acl_c_mode}{submission}}}}}:>)
+m4_define(<:CLIENT_SECRETS_FILE:>, <:CONF_sysconf_dir/client-secrets:>)
+
+m4_define(<:CLIENT_SECRET_GET:>,
+<:${if exists {CLIENT_SECRETS_FILE} \
+ {${lookup {$domain} partial0-lsearch {CLIENT_SECRETS_FILE} \
+ {${extract {$1}{$value}$2$3}} \
+ {${lookup {$host} partial0-lsearch {CLIENT_SECRETS_FILE} \
+ {${extract {$1}{$value}$2$3}} $3}}}} \
+ $3}:>)
+
+m4_define(<:CLIENT_SECRET_EXISTSP:>,
+<:CLIENT_SECRET_GET($1, {true}, {false}):>)
+
+m4_define(<:CLIENT_SECRET:>,
+<:CLIENT_SECRET_GET($1, {${expand:$value}}, fail):>)
+
SECTION(auth)m4_dnl
plain:
driver = plaintext
server_prompts = :
server_condition = CHECK_PASSWD($auth2, $auth3)
server_set_id = $auth2
+ client_condition = CLIENT_SECRET_EXISTSP(plain)
+ client_send = <; CLIENT_SECRET(plain)
login:
driver = plaintext
server_prompts = <; Username: ; Password:
server_condition = CHECK_PASSWD($auth1, $auth2)
server_set_id = $auth1
-
-DIVERT(null)
-###--------------------------------------------------------------------------
-### Verification of sender address.
-
-SECTION(global, acl)m4_dnl
-acl_not_smtp_start = not_smtp_start
-SECTION(acl, misc)m4_dnl
-not_smtp_start:
- ## Record the user's name.
- warn set acl_c_user = $sender_ident
-
-SECTION(acl, mail-hooks)m4_dnl
- ## Check that a submitted message's sender address is allowable.
- require acl = mail_check_auth
-
-SECTION(acl, misc)m4_dnl
-mail_check_auth:
-
- ## If this isn't a submission then it doesn't need checking.
- accept condition = ${if !eq{$acl_c_mode}{submission}}
-
- ## If the caller hasn't formally authenticated, but this is a
- ## loopback connection, then we can trust identd to tell us the right
- ## answer. So we should stash the right name somewhere consistent.
- warn set acl_c_user = $authenticated_id
- hosts = +localnet
- !authenticated = *
- set acl_c_user = $sender_ident
-
- ## User must be authenticated.
- deny message = Sender not authenticated
- !hosts = +localnet
- !authenticated = *
-
- ## Make sure that the local part is one that the authenticated sender
- ## is allowed to claim.
- deny message = Sender address forbidden to calling user
- !condition = ${LOOKUP_DOMAIN($sender_address_domain,
- {${if and {{match_local_part \
- {$acl_c_user} \
- {+dom_users}} \
- {match_local_part \
- {$sender_address_local_part} \
- {+dom_locals}}}}},
- {${if and {{match_local_part \
- {$sender_address_local_part} \
- {+user_extaddr}} \
- {or {{eq {$sender_address_domain} \
- {}} \
- {match_domain \
- {$sender_address_domain} \
- {+public}}}}}}})}
-
- ## All done.
- accept
+ client_condition = CLIENT_SECRET_EXISTSP(login-passwd)
+ client_send = <; \
+ ; CLIENT_SECRET(login-name) \
+ ; CLIENT_SECRET(login-passwd)
+
+cram_md5:
+ driver = cram_md5
+ public_name = CRAM-MD5
+ client_condition = CLIENT_SECRET_EXISTSP(cram-md5-secret)
+ client_name = CLIENT_SECRET(cram-md5-name)
+ client_secret = CLIENT_SECRET(cram-md5-secret)
DIVERT(null)
###--------------------------------------------------------------------------
SECTION(acl, misc)m4_dnl
## Check the `AUTH=...' parameter to a `MAIL' command.
mailauth:
+
## If the client has authenticated using TLS then we're OK. The
## sender was presumably checked upstream, and we can believe that
## the name has been transmitted honestly.
- accept condition = ${if def:tls_peerdn}
+ accept condition = ${if def:tls_peerdn}
+ set acl_m_user = ${if match_address{$authenticated_sender} \
+ {*@CONF_master_domain} \
+ {${local_part:$authenticated_sender}}}
## If this is submission, and the client has authenticated, then we
## check that the name matches the user.
- accept condition = ${if eq {$authenticated_sender} \
- {$authenticated_id@CONF_master_domain}}
+ accept condition = ${if eq {$authenticated_sender} \
+ {$authenticated_id@CONF_master_domain}}
## Otherwise we can't tell who really sent it.
- deny message = Authenticated user not authoritative for claimed sender.
+ deny message = Authenticated user not authoritative for claimed sender.
+
+SECTION(acl, data-hooks)m4_dnl
+ ## Report the `AUTH=' value, if we have one. This is delayed from
+ ## the above so that Exim can figure out a queue id. Once it's done
+ ## so, apparently it reports that automatically, so we don't need to
+ ## mention `$message_exim_id' explicitly here.
+ warn condition = ${if def:acl_m_user}
+ logwrite = AUTH=${quote:$acl_m_user}
DIVERT(null)
###----- That's all, folks --------------------------------------------------
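Review bot: The new client sides of the `plain` and `login` authenticators (`client_condition = CLIENT_SECRET_EXISTSP(plain)` / `CLIENT_SECRET_EXISTSP(login-passwd)`) gate only on a secret being present, so a cleartext password is sent to whatever host the router picked for `$domain` even when the outbound session has no TLS — the server side does insist on `def:tls_cipher` for plaintext auth in `ALLOW_PLAINTEXT_AUTH_P`, but nothing equivalent guards the client side, and `CLIENT_SECRET_GET` keys on `$domain` before `$host`, so the credential follows the domain rather than a specific, verified peer. I would tie the client condition to the outbound cipher as well, e.g. `client_condition = ${if and {{def:tls_out_cipher} {CLIENT_SECRET_EXISTSP(plain)}}}` (use `$tls_cipher` instead if this Exim predates the `tls_out_*` split), and likewise for `login`; `cram_md5` can stay as is since it never transmits the secret. Separately, `CLIENT_SECRET` runs `${expand:$value}` on whatever is read from `client-secrets`, which turns that file into executable configuration (`${run{...}}`, `${readfile{...}}` and friends), so the file must be writable only by root and readable only by the Exim user — worth a comment next to the `CLIENT_SECRETS_FILE` define, such as `# NOTE: values are string-expanded; treat this file as trusted config, mode 0600.` The hunk begins before the first line shown here, so the macro whose tail appears at the top was not reviewed.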