What is the simplest and best way to disable any AUTH on port 25? Up
until now I have the following working:
1. Only advertise TLS on port 587:
auth_advertise_hosts = ${if eq{$tls_cipher}{}{}{*}}
2. Disable authenticated connections without TLS:
acl_check_auth
deny message = TLS required on authenticated connections
! encrypted = *
However, I just realised that this disables opportunistic TLS in the
SMTP transport (server to server).
Could I use something like server_advertise_condition instead to only
advertise AUTH on port 587 (and if yes, will that disallow AUTH on 25
completely, not just not advertise it?
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
