On 19/07/15 16:11, Viktor Dukhovni wrote: > On Sun, Jul 19, 2015 at 03:44:38PM +0100, Jeremy Harris wrote: > >>>>> authenticated = root:exim >>>> >>>> Note that the "authenticated" condition >>>> takes a list of authenticator names, not >>>> user names. >>> >>> Even with mail submitted via Exim's "sendmail" (without -bs)? >> >> Yes. The documentation even says so. > > What about lines 4745 through 4763 of exim.c:
Not relevant for the ACL authenticated= condition (but see below for the $authenticated_id variable) - this condition depends on the sender_host_authenticated value, which is set in smtp_in_auth(). Apart from being copied via a spool file I don't see it getting set to a real value anywhere else in the source. > 4761 if (authenticated_id == NULL && !host_checking) > 4762 authenticated_id = originator_login; > 4763 } > > That last 'authenticated_id = originator_login' seems to suggest > otherwise? One might just have to be careful in the "trusted_caller" > case. > >>> And >>> what is the value of $authenticated_id in that context? [ Just >>> trying to make sense of the example ACLs from Lena. ] >> >> The $authenticated_id variable is set by an authenticator, >> using the authenticator server_set_id option. It is not >> set in any other way. If no authenticator has succeeded, >> it is not set. > > I see that that's all that's documented, but perhaps the documentation > is not 100% complete in this case? I was wrong here; sorry. You are correct that $authenticated_id is set to the user name for a commandline send (apart from special cases permitted to admins). Docs: http://exim.org/exim-html-current/doc/html/spec_html/ch-string_expansions.html "When a message is submitted locally (that is, not over a TCP connection) the value of $authenticated_id is normally the login name of the calling process." -- Cheers, Jeremy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
