SECTION(acl, misc)m4_dnl
## Check the `AUTH=...' parameter to a `MAIL' command.
mailauth:
+
## If the client has authenticated using TLS then we're OK. The
## sender was presumably checked upstream, and we can believe that
## the name has been transmitted honestly.
- accept condition = ${if def:tls_peerdn}
+ accept condition = ${if def:tls_peerdn}
## If this is submission, and the client has authenticated, then we
## check that the name matches the user.
- accept condition = ${if eq {$authenticated_sender} \
- {$authenticated_id@CONF_master_domain}}
+ accept condition = ${if eq {$authenticated_sender} \
+ {$authenticated_id@CONF_master_domain}}
## Otherwise we can't tell who really sent it.
- deny message = Authenticated user not authoritative for claimed sender.
+ deny message = Authenticated user not authoritative for claimed sender.
DIVERT(null)
###----- That's all, folks --------------------------------------------------