OK, thanks Tony, but in my folow-up message I noticed in my log 'P=esmtpsa', when I send out per Courier IMAP(-SSL). I'm not sure what the differences are.
Next, I have 'relay_from_hosts = 127.0.0.1 : 192.168.1.0/24 : *.kormar.net : *.kormar.de' defined. Should I change that to 'hostlist relay_from_hosts = : @[] :'? Would that be better? As far as my ACLs, I only have: acl_smtp_rcpt = acl_check_rcpt (the default, nothing changed) acl_smtp_data = acl_check_data (setup for SpamAssassin) acl_not_smtp = acl_check_data (setup for SpamAssassin) I would like to use: #acl_smtp_auth = acl_check_auth #acl_smtp_starttls = acl_check_auth #acl_check_auth: # accept hosts = +auth_relay_hosts ## endpass # require verify = sender # accept authenticated = * # deny domains = !+local_domains # message = relay forbidden without authentication but I don't know how to set that up safely. Thanks, Robert -----Original Message----- From: Tony Finch [mailto:[EMAIL PROTECTED] Behalf Of Tony Finch Sent: Montag, 17. Oktober 2005 11:45 To: Robert Cates Cc: Exim, Users Subject: Re: [exim] problem with authentication (and esmtpa) On Mon, 17 Oct 2005, Robert Cates wrote: > server_advertise_condition = ${if eq{$tls_cipher}{}{no}{yes}} This means that you will only offer authentication over TLS. So your server will never allow P=esmtpa because that's authentication without TLS. As far as I can tell, Exim is doing what it should, except that it's allowing unauthenticated outgoing relaying. You didn't post your ACLs so we can't tell you exactly what to fix, but in the default configuration you would set: hostlist relay_from_hosts = : @[] : Tony. -- <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> http://dotat.at/ ${sg{\N${sg{\ N\}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}\ \N}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}} -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
