Hi
> What I use in this situation is the SASL EXTERNAL mechanism.
> This is designed for lifting some lower-level authentication
> (such as IPSEC or
> TLS) to the SASL level, but there's no reason that you can't
> consider TCP connections from a known client to be good
> enough authentication in the right context.
>
> On the server:
>
> EXTERNAL:
> driver = plaintext
> server_set_id = $1
> server_prompts = :
> server_condition = yes
> server_advertise_condition = ${if match_ip{$sender_host_address} \
> {+trusted_hosts} }
> On the client:
>
> EXTERNAL:
> driver = plaintext
> client_send = usernameThe problem here is, that it need configuration on the client. This is not what I want. (Yes, I know, ips can be spoofed, but this is only for a private network.) Actually I would lookup the ip in a database and assign the "authenticated" to the result. However, my feature request enables much more... I am just thinking, that I can READ every variable everywhere using $variable, why shouldn't I be able to assign them? (At least for most, this should not be a problem.) Regards, Steffen
smime.p7s
Description: S/MIME cryptographic signature
-- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
