On 2013-06-06 at 11:23 -0700, Marc Perkel wrote: > The ACL condition > > authenticated = * > > Includes failed authentications
The "authenticated" rule matches against the name of the authenticator which succeeded. This is a string under your control. It is the string exposed to Exim's string expansion language as $sender_host_authenticated. The C variable is set in one of three ways: * -oMaa on the command-line * came in from the spool file (so mail is recorded as having a given value) * an authenticator reported success I suggest logging, after that passes: Auth=$sender_host_authenticated Fail=$authentication_failed Id=$authenticated_id This should help you narrow down where you have an authenticator that is passing, even if you're doing something peculiar, such as having the authenticator pass but then trying to reject the result in an ACL instead of in a "condition" rule on the authenticator. Authentication pass/failure is at the authenticator level, not at the level of the ACL plumbed into acl_smtp_auth. Is it possible that you've defined an ACL connected to acl_smtp_auth and have it rejecting the command? If so, you'll need to set an ACL variable recording this fact and check that, not just "authenticated = *", in your later ACLs. -Phil -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
