X-Git-Url: https://git.distorted.org.uk/~mdw/exim-config/blobdiff_plain/4aceee8c511e751b3a0a2a35af4fbfe84b1e9d2e..e3c9c42730981542c7697a34f59cc95cd6281fec:/auth.m4

diff --git a/auth.m4 b/auth.m4
index 019623d..817bfd6 100644
--- a/auth.m4
+++ b/auth.m4
@@ -93,6 +93,9 @@ mailauth:
 	## sender was presumably checked upstream, and we can believe that
 	## the name has been transmitted honestly.
 	accept	 condition = ${if def:tls_peerdn}
+		 set acl_m_user = ${if match_address{$authenticated_sender} \
+						    {*@CONF_master_domain} \
+				       {${local_part:$authenticated_sender}}}
 
 	## If this is submission, and the client has authenticated, then we
 	## check that the name matches the user.
@@ -102,5 +105,13 @@ mailauth:
 	## Otherwise we can't tell who really sent it.
 	deny	 message = Authenticated user not authoritative for claimed sender.
 
+SECTION(acl, data-hooks)m4_dnl
+	## Report the `AUTH=' value, if we have one.  This is delayed from
+	## the above so that Exim can figure out a queue id.  Once it's done
+	## so, apparently it reports that automatically, so we don't need to
+	## mention `$message_exim_id' explicitly here.
+	warn	 condition = ${if def:acl_m_user}
+		 logwrite = AUTH=${quote:$acl_m_user}
+
 DIVERT(null)
 ###----- That's all, folks --------------------------------------------------