On 19/07/15 16:11, Viktor Dukhovni wrote:
> On Sun, Jul 19, 2015 at 03:44:38PM +0100, Jeremy Harris wrote:
> 
>>>>>   authenticated = root:exim
>>>>
>>>> Note that the "authenticated" condition
>>>> takes a list of authenticator names, not
>>>> user names.
>>>
>>> Even with mail submitted via Exim's "sendmail" (without -bs)?
>>
>> Yes.  The documentation even says so.
> 
> What about lines 4745 through 4763 of exim.c:

Not relevant for the ACL authenticated= condition
(but see below for the $authenticated_id variable)

- this condition depends on the sender_host_authenticated
value, which is set in smtp_in_auth().  Apart from
being copied via a spool file I don't see it getting
set to a real value anywhere else in the source.


> 4761   if (authenticated_id == NULL && !host_checking)
> 4762     authenticated_id = originator_login;
> 4763   }
> 
> That last 'authenticated_id = originator_login' seems to suggest
> otherwise?  One might just have to be careful in the "trusted_caller"
> case.
> 
>>> And
>>> what is the value of $authenticated_id in that context? [ Just
>>> trying to make sense of the example ACLs from Lena. ]
>>
>> The $authenticated_id variable is set by an authenticator,
>> using the authenticator server_set_id option.  It is not
>> set in any other way.  If no authenticator has succeeded,
>> it is not set.
> 
> I see that that's all that's documented, but perhaps the documentation
> is not 100% complete in this case?

I was wrong here; sorry.  You are correct that $authenticated_id
is set to the user name for a commandline send (apart from
special cases permitted to admins).  Docs:


http://exim.org/exim-html-current/doc/html/spec_html/ch-string_expansions.html

"When a message is submitted locally (that is, not over a TCP
connection) the value of $authenticated_id is normally the login name of
the calling process."


-- 
Cheers,
  Jeremy


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Reply via email to