auth.m4, base.m4: Client authentication machinery.
authorMark Wooding <mdw@distorted.org.uk>
Tue, 18 Mar 2014 16:32:42 +0000 (16:32 +0000)
committerMark Wooding <mdw@distorted.org.uk>
Tue, 18 Mar 2014 16:32:42 +0000 (16:32 +0000)
If the server knows secrets for authenticating to a remote server, it
can use them.

auth.m4
base.m4

diff --git a/auth.m4 b/auth.m4
index 074c6aa..93b25c0 100644 (file)
--- a/auth.m4
+++ b/auth.m4
@@ -33,6 +33,22 @@ m4_define(<:ALLOW_PLAINTEXT_AUTH_P:>,
 <:or {{match_ip {$sender_host_address}{+thishost}} \
       {and {{def:tls_cipher} {eq{$acl_c_mode}{submission}}}}}:>)
 
+m4_define(<:CLIENT_SECRETS_FILE:>, <:CONF_sysconf_dir/client-secrets:>)
+
+m4_define(<:CLIENT_SECRET_GET:>,
+<:${if exists {CLIENT_SECRETS_FILE} \
+       {${lookup {$domain} partial0-lsearch {CLIENT_SECRETS_FILE} \
+           {${extract {$1}{$value}$2$3}} \
+           {${lookup {$host} partial0-lsearch {CLIENT_SECRETS_FILE} \
+                     {${extract {$1}{$value}$2$3}} $3}}}} \
+       $3}:>)
+
+m4_define(<:CLIENT_SECRET_EXISTSP:>,
+<:CLIENT_SECRET_GET($1, {true}, {false}):>)
+
+m4_define(<:CLIENT_SECRET:>,
+<:CLIENT_SECRET_GET($1, {${expand:$value}}, fail):>)
+
 SECTION(auth)m4_dnl
 plain:
        driver = plaintext
@@ -41,6 +57,8 @@ plain:
        server_prompts = :
        server_condition = CHECK_PASSWD($auth2, $auth3)
        server_set_id = $auth2
+       client_condition = CLIENT_SECRET_EXISTSP(plain)
+       client_send = <; CLIENT_SECRET(plain)
 
 login:
        driver = plaintext
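Review bot: `client_condition` for `plain` only checks that a secret exists, so the password is sent base64-encoded in the clear whenever TLS is not up; `hosts_require_tls` in base.m4 is set only for domains with a `tls-peer-ca` key, so a domain with a secret but no CA entry would authenticate without encryption. The same applies to `login` in the next hunk. I'd gate both on an established TLS session, mirroring the `def:tls_cipher` test used on the server side at the top of this file, e.g. `client_condition = ${if and {{def:tls_out_cipher}{bool{CLIENT_SECRET_EXISTSP(plain)}}}}` (assuming the Exim version in use provides `$tls_out_cipher`). The `plain:` authenticator block begins before this hunk.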
@@ -49,6 +67,17 @@ login:
        server_prompts = <; Username: ; Password:
        server_condition = CHECK_PASSWD($auth1, $auth2)
        server_set_id = $auth1
+       client_condition = CLIENT_SECRET_EXISTSP(login-passwd)
+       client_send = <; \
+               ; CLIENT_SECRET(login-name) \
+               ; CLIENT_SECRET(login-passwd)
+
+cram_md5:
+       driver = cram_md5
+       public_name = CRAM-MD5
+       client_condition = CLIENT_SECRET_EXISTSP(cram-md5-secret)
+       client_name = CLIENT_SECRET(cram-md5-name)
+       client_secret = CLIENT_SECRET(cram-md5-secret)
 
 DIVERT(null)
 ###--------------------------------------------------------------------------
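Review bot: The `login` and `cram_md5` client conditions check only one of the two keys each authenticator needs (`login-passwd` and `cram-md5-secret`), while `CLIENT_SECRET(login-name)` and `CLIENT_SECRET(cram-md5-name)` fall back to `fail`, so an entry holding the password but no name key fails at expansion time instead of the authenticator being skipped. Checking both keys keeps the failure mode predictable: `client_condition = ${if and {{bool{CLIENT_SECRET_EXISTSP(login-name)}}{bool{CLIENT_SECRET_EXISTSP(login-passwd)}}}}`, and likewise for `cram-md5-name`/`cram-md5-secret`. The `login:` block starts in the previous hunk.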
diff --git a/base.m4 b/base.m4
index 6c2dc7b..523e475 100644 (file)
--- a/base.m4
+++ b/base.m4
@@ -351,7 +351,10 @@ SECTION(transports)m4_dnl
 ## `domains.conf' file.
 smtp:
        driver = smtp
+       hosts_try_auth = *
        hosts_require_tls = DOMKV(tls-peer-ca, {*}{})
+       hosts_require_auth = \
+               ${if bool {DOMKV(require-auth, {$value}{false})} {*}{}}
        tls_certificate = DOMKV(tls-certificate, {${expand:$value}}fail)
        tls_privatekey = DOMKV(tls-private-key, {${expand:$value}}fail)
        tls_verify_certificates = DOMKV(tls-peer-ca, {${expand:$value}}fail)
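Review bot: `hosts_try_auth = *` offers credentials to every host, but encryption is still tied only to the `tls-peer-ca` key on the unchanged line between the two additions, so a domain configured with `require-auth` (or merely present in the client-secrets file) but without `tls-peer-ca` will authenticate over an unencrypted session. I'd either state in the `domains.conf` comment above that `require-auth` must be paired with `tls-peer-ca`, or extend `hosts_require_tls` so a `require-auth` key also forces TLS, e.g. `hosts_require_tls = ${if or {{bool{DOMKV(require-auth, {$value}{false})}}{eq{DOMKV(tls-peer-ca, {*}{})}{*}}} {*}{}}`. It is also worth documenting that `bool` on a non-boolean `require-auth` value makes the expansion fail rather than defaulting to false, if that is how the Exim version in use behaves. The `smtp` transport continues beyond the hunk.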