Split configuration into subfiles

author: root 2017-03-28 10:05:16 +0200
committer: root 2017-03-28 10:05:16 +0200
commit: 1009459ba2cdca8e16eacfa9c995ae2f31599850 (patch)
tree: 345f1f0b0c4492c981a85e33ec9be8c27b52be05 /conf.d/070_authenticators.conf
parent: 3210d80e8aa85f3821951d312d56cc418d06e360 (diff)
download: exim-1009459ba2cdca8e16eacfa9c995ae2f31599850.tar.gz
1 files changed, 47 insertions, 0 deletions
diff --git a/conf.d/070_authenticators.conf b/conf.d/070_authenticators.conf
new file mode 100644
index 0000000..0d7bc9c
--- /dev/null
+++ b/conf.d/070_authenticators.conf
@@ -0,0 +1,47 @@
+######################################################################
+#                   AUTHENTICATION CONFIGURATION                     #
+######################################################################
+# The following authenticators support plaintext username/password
+# authentication using the standard PLAIN mechanism and the traditional
+# but non-standard LOGIN mechanism, with Exim acting as the server.
+# PLAIN and LOGIN are enough to support most MUA software.
+#
+# These authenticators are not complete: you need to change the
+# server_condition settings to specify how passwords are verified.
+# They are set up to offer authentication to the client only if the
+# connection is encrypted with TLS, so you also need to add support
+# for TLS. See the global configuration options section at the start
+# of this file for more about TLS.
+#
+# The default RCPT ACL checks for successful authentication, and will accept
+# messages from authenticated users from anywhere on the Internet.
+begin authenticators
+# PLAIN authentication has no server prompts. The client sends its
+# credentials in one lump, containing an authorization ID (which we do not
+# use), an authentication ID, and a password. The latter two appear as
+# $auth2 and $auth3 in the configuration and should be checked against a
+# valid username and password. In a real configuration you would typically
+# use $auth2 as a lookup key, and compare $auth3 against the result of the
+# lookup, perhaps using the crypteq{}{} condition.
+#PLAIN:
+#  driver                     = plaintext
+#  server_set_id              = $auth2
+#  server_prompts             = :
+#  server_condition           = Authentication is not yet configured
+#  server_advertise_condition = ${if def:tls_in_cipher }
+# LOGIN authentication has traditional prompts and responses. There is no
+# authorization ID in this mechanism, so unlike PLAIN the username and
+# password are $auth1 and $auth2. Apart from that you can use the same
+# server_condition setting for both authenticators.
+#LOGIN:
+#  driver                     = plaintext
+#  server_set_id              = $auth1
+#  server_prompts             = <| Username: | Password:
+#  server_condition           = Authentication is not yet configured
+#  server_advertise_condition = ${if def:tls_in_cipher }
author	root	2017-03-28 10:05:16 +0200
committer	root	2017-03-28 10:05:16 +0200
commit	1009459ba2cdca8e16eacfa9c995ae2f31599850 (patch)
tree	345f1f0b0c4492c981a85e33ec9be8c27b52be05 /conf.d/070_authenticators.conf
parent	3210d80e8aa85f3821951d312d56cc418d06e360 (diff)
download	exim-1009459ba2cdca8e16eacfa9c995ae2f31599850.tar.gz

diff --git a/conf.d/070_authenticators.conf b/conf.d/070_authenticators.conf new file mode 100644 index 0000000..0d7bc9c --- /dev/null +++ b/conf.d/070_authenticators.conf
@@ -0,0 +1,47 @@
	1	######################################################################
	2	# AUTHENTICATION CONFIGURATION #
	3	######################################################################
	4
	5	# The following authenticators support plaintext username/password
	6	# authentication using the standard PLAIN mechanism and the traditional
	7	# but non-standard LOGIN mechanism, with Exim acting as the server.
	8	# PLAIN and LOGIN are enough to support most MUA software.
	9	#
	10	# These authenticators are not complete: you need to change the
	11	# server_condition settings to specify how passwords are verified.
	12	# They are set up to offer authentication to the client only if the
	13	# connection is encrypted with TLS, so you also need to add support
	14	# for TLS. See the global configuration options section at the start
	15	# of this file for more about TLS.
	16	#
	17	# The default RCPT ACL checks for successful authentication, and will accept
	18	# messages from authenticated users from anywhere on the Internet.
	19
	20	begin authenticators
	21
	22	# PLAIN authentication has no server prompts. The client sends its
	23	# credentials in one lump, containing an authorization ID (which we do not
	24	# use), an authentication ID, and a password. The latter two appear as
	25	# $auth2 and $auth3 in the configuration and should be checked against a
	26	# valid username and password. In a real configuration you would typically
	27	# use $auth2 as a lookup key, and compare $auth3 against the result of the
	28	# lookup, perhaps using the crypteq{}{} condition.
	29
	30	#PLAIN:
	31	# driver = plaintext
	32	# server_set_id = $auth2
	33	# server_prompts = :
	34	# server_condition = Authentication is not yet configured
	35	# server_advertise_condition = ${if def:tls_in_cipher }
	36
	37	# LOGIN authentication has traditional prompts and responses. There is no
	38	# authorization ID in this mechanism, so unlike PLAIN the username and
	39	# password are $auth1 and $auth2. Apart from that you can use the same
	40	# server_condition setting for both authenticators.
	41
	42	#LOGIN:
	43	# driver = plaintext
	44	# server_set_id = $auth1
	45	# server_prompts = <\| Username: \| Password:
	46	# server_condition = Authentication is not yet configured
	47	# server_advertise_condition = ${if def:tls_in_cipher }