ifelse(SECTION, `MAIN', `dnl define(`confSMTP_AUTH_ADVERTIZE', confSMTP_AUTH_ADVERTIZE_DEFAULT)dnl ifdef(`confSMTP_AUTH_SKIP_ADVERTIZE', `ifelse(confSMTP_AUTH_SKIP_ADVERTIZE, `NO', `', `dnl hostlist skip_auth_advertise = <; +ignore_defer ; +ignore_unknown ; CONFDIR/skip_auth_advertise dnl define(`confSMTP_AUTH_ADVERTIZE', `!+skip_auth_advertise : *')dnl define(`confSMTP_AUTH_ADVERTIZE', `!+skip_auth_advertise : confSMTP_AUTH_ADVERTIZE_DEFAULT')dnl ')')dnl ifelse_strstr(confSMTP_AUTH_RESTRICT` ', `DISABLE_AUTH_WITHOUT_TLS ', `dnl hostlist auth_advertise_hosts = ifelse_strstr(confSMTP_AUTH_RESTRICT, `DISABLE_AUTH_ON_PORT_25', `${if eq{$received_port}{25}{ifdef(`confSMTP_AUTH_RESTRICT_DISABLE_AUTH_ON_PORT_25_SKIP_HOSTS', confSMTP_AUTH_RESTRICT_DISABLE_AUTH_ON_PORT_25_SKIP_HOSTS)}{')${if eq{$tls_cipher}{}{confSMTP_AUTH_RESTRICT_DISABLE_AUTH_WITHOUT_TLS_SKIP_HOSTS}{confSMTP_AUTH_ADVERTIZE}}ifelse_strstr(confSMTP_AUTH_RESTRICT, `DISABLE_AUTH_ON_PORT_25', `}}') ', `dnl hostlist auth_advertise_hosts = ifelse_strstr(confSMTP_AUTH_RESTRICT, `DISABLE_AUTH_ON_PORT_25', `${if eq{$received_port}{25}{ifdef(`confSMTP_AUTH_RESTRICT_DISABLE_AUTH_ON_PORT_25_SKIP_HOSTS', confSMTP_AUTH_RESTRICT_DISABLE_AUTH_ON_PORT_25_SKIP_HOSTS)}{')confSMTP_AUTH_ADVERTIZE`'ifelse_strstr(confSMTP_AUTH_RESTRICT, `DISABLE_AUTH_ON_PORT_25', `}}') ') dnl ifelse_strstr(confSMTP_AUTH_RESTRICT` ', `DISABLE_AUTH_WITHOUT_TLS ', `') auth_advertise_hosts = +auth_advertise_hosts ') dnl ifelse(SECTION, `MAIN', `') ifdef(`confSMTP_AUTH_LDAP_PASSWD_ATTR', `ifelse(`X'confSMTP_AUTH_LDAP_PASSWD_ATTR, `X', `undefine(`confSMTP_AUTH_LDAP_PASSWD_ATTR')')')dnl dnl #################### AUTH #################### ifelse(SECTION, `ACL_CHECK_AUTH', `dnl ifdef(`confAUTH_MAX_ATTEMPTS_PER_MSG', `ifelse(`X'confAUTH_MAX_ATTEMPTS_PER_MSG, `X', `', `dnl drop condition = ${if >{$acl_c_auth_attemps}{confAUTH_MAX_ATTEMPTS_PER_MSG}{yes}{no}} define(`_MSG_', `Access denied. Too many authentication attempts')dnl ifdef(`confAUTH_MAX_ATTEMPTS_PER_MSG_MESSAGE', `ifelse(`X'confAUTH_MAX_ATTEMPTS_PER_MSG_MESSAGE, `X', `', `define(`_MSG_', confAUTH_MAX_ATTEMPTS_PER_MSG_MESSAGE)')') dnl message = _MSG_ log_message = The number of authentication attempts $acl_c_auth_attemps exceeded the limit confAUTH_MAX_ATTEMPTS_PER_MSG per message ifdef(`confAUTH_MAX_ATTEMPTS_PER_MSG_DELAY', `ifelse(`X'confAUTH_MAX_ATTEMPTS_PER_MSG_DELAY, `X', `', `dnl delay = confAUTH_MAX_ATTEMPTS_PER_MSG_DELAY ')') ifdef(`confAUTH_MAX_ATTEMPTS_PER_MSG_DELAY', `ifelse(`X'confAUTH_MAX_ATTEMPTS_PER_MSG_DELAY, `X', `', `')') ')') dnl ifdef(`confAUTH_MAX_ATTEMPTS_PER_MSG', `ifelse(`X'confAUTH_MAX_ATTEMPTS_PER_MSG, `X', `', `')') ifdef(`confAUTH_MAX_FAILED_PER_CONNECTION', `ifelse(`X'confAUTH_MAX_FAILED_PER_CONNECTION, `X', `', `dnl drop set acl_c0 = ${eval:0$acl_c_authentication_failed + $acl_c_auth_attemps - 1} condition = ${if >{$acl_c0}{confAUTH_MAX_FAILED_PER_CONNECTION}{yes}{no}} set acl_c_authentication_failed = $acl_c0 set acl_c_auth_attemps = 0 define(`_MSG_', `Access denied. Too many failed authentication attempts')dnl ifdef(`confAUTH_MAX_FAILED_PER_CONNECTION_MESSAGE', `ifelse(`X'confAUTH_MAX_FAILED_PER_CONNECTION_MESSAGE, `X', `', `define(`_MSG_', confAUTH_MAX_FAILED_PER_CONNECTION_MESSAGE)')') dnl message = _MSG_ log_message = The number of failed authentication attempts $acl_c_authentication_failed exceeded the limit confAUTH_MAX_FAILED_PER_CONNECTION per connection ifdef(`confAUTH_MAX_FAILED_PER_CONNECTION_DELAY', `ifelse(`X'confAUTH_MAX_FAILED_PER_CONNECTION_DELAY, `X', `', `dnl delay = confAUTH_MAX_FAILED_PER_CONNECTION_DELAY ')') ifdef(`confAUTH_MAX_FAILED_PER_CONNECTION_DELAY', `ifelse(`X'confAUTH_MAX_FAILED_PER_CONNECTION_DELAY, `X', `', `')') ')') dnl ifdef(`confAUTH_MAX_FAILED_PER_CONNECTION', `ifelse(`X'confAUTH_MAX_FAILED_PER_CONNECTION, `X', `', `')') ifdef(`confSMTP_AUTH_RESTRICT', `ifelse(`X'confSMTP_AUTH_RESTRICT, `X', `', `dnl define(`_DISABLE_AUTH_WITHOUT_TLS_', `NO')dnl ifelse_strstr(confSMTP_AUTH_RESTRICT` ', `DISABLE_AUTH_WITHOUT_TLS ', `define(`_DISABLE_AUTH_WITHOUT_TLS_', `YES')')dnl ifelse_strstr(confSMTP_AUTH_RESTRICT` ', `DISABLE_PLAIN_AUTH_WITHOUT_TLS', `define(`_DISABLE_AUTH_WITHOUT_TLS_', `YES')')dnl ifelse(_DISABLE_AUTH_WITHOUT_TLS_, `YES', `dnl warn set acl_m_auth_witout_tls = ')dnl ifelse_strstr(confSMTP_AUTH_RESTRICT` ', `DISABLE_AUTH_WITHOUT_TLS ', `dnl # Запрет аутентификации без шифрования для нелокальных хостов warn ! encrypted = * ! hosts = confSMTP_AUTH_RESTRICT_DISABLE_AUTH_WITHOUT_TLS_SKIP_HOSTS set acl_m_auth_witout_tls = STARTTLS required before SMTP AUTH ') dnl ifelse_strstr(confSMTP_AUTH_RESTRICT` ', `DISABLE_AUTH_WITHOUT_TLS ', `') ifelse_strstr(confSMTP_AUTH_RESTRICT` ', `DISABLE_PLAIN_AUTH_WITHOUT_TLS', `dnl # Запрет аутентификации LOGIN или PLAIN без шифрования для нелокальных хостов warn ! encrypted = * ! hosts = confSMTP_AUTH_RESTRICT_DISABLE_AUTH_WITHOUT_TLS_SKIP_HOSTS condition = ${if match{$smtp_command_argument}{\N(?i)^LOGIN\N}{yes}{no}} set acl_m_auth_witout_tls = STARTTLS required before SMTP AUTH with LOGIN mechanism warn ! encrypted = * ! hosts = confSMTP_AUTH_RESTRICT_DISABLE_AUTH_WITHOUT_TLS_SKIP_HOSTS condition = ${if match{$smtp_command_argument}{\N(?i)^PLAIN\N}{yes}{no}} set acl_m_auth_witout_tls = STARTTLS required before SMTP AUTH with PLAIN mechanism ') dnl ifelse_strstr(confSMTP_AUTH_RESTRICT, `DISABLE_PLAIN_AUTH_WITHOUT_TLS', `') ifelse_strstr(confSMTP_AUTH_RESTRICT, `DISABLE_AUTH_WITHOUT_TLS_SKIP', `dnl', `dnl deny condition = ${if eq{$acl_m_auth_witout_tls}{}{no}{yes}} message = $acl_m_auth_witout_tls ') dnl ifelse_strstr(confSMTP_AUTH_RESTRICT, `DISABLE_AUTH_WITHOUT_TLS_SKIP', `dnl', `dnl') ')') dnl ifdef(`confSMTP_AUTH_RESTRICT', `ifelse(`X'confSMTP_AUTH_RESTRICT, `X', `', `')') warn set acl_c_auth_public_name = ') dnl ifelse(SECTION, `ACL_CHECK_AUTH', `') dnl #################### /AUTH #################### dnl #################### MAIL #################### ifelse(SECTION, `ACL_CHECK_MAIL', `dnl warn condition = ${if >{0$acl_c_auth_attemps}{0}{yes}{no}} set acl_c_authentication_failed = ${eval:0$acl_c_authentication_failed + $acl_c_auth_attemps - ${if eq{$authentication_failed}{1}{0}{1}}} set acl_c_auth_attemps = 0 ifdef(`confAUTH_MAX_FAILED_PER_CONNECTION', `ifelse(`X'confAUTH_MAX_FAILED_PER_CONNECTION, `X', `', `dnl drop condition = ${if >{$acl_c_authentication_failed}{confAUTH_MAX_FAILED_PER_CONNECTION}{yes}{no}} define(`_MSG_', `Access denied. Too many failed authentication attempts')dnl ifdef(`confAUTH_MAX_FAILED_PER_CONNECTION_MESSAGE', `ifelse(`X'confAUTH_MAX_FAILED_PER_CONNECTION_MESSAGE, `X', `', `define(`_MSG_', confAUTH_MAX_FAILED_PER_CONNECTION_MESSAGE)')') dnl message = _MSG_ log_message = The number of failed authentication attempts $acl_c_authentication_failed exceeded the limit confAUTH_MAX_FAILED_PER_CONNECTION per connection ifdef(`confAUTH_MAX_FAILED_PER_CONNECTION_DELAY', `ifelse(`X'confAUTH_MAX_FAILED_PER_CONNECTION_DELAY, `X', `', `dnl delay = confAUTH_MAX_FAILED_PER_CONNECTION_DELAY ')') ifdef(`confAUTH_MAX_FAILED_PER_CONNECTION_DELAY', `ifelse(`X'confAUTH_MAX_FAILED_PER_CONNECTION_DELAY, `X', `', `')') ')') dnl ifdef(`confAUTH_MAX_FAILED_PER_CONNECTION', `ifelse(`X'confAUTH_MAX_FAILED_PER_CONNECTION, `X', `', `')') ifelse_strstr(confAUTH_RESULTS_ADD, `CUSTOM', `dnl warn authenticated = * set acl_m_auth_results = ${acl_m_auth_results};\n\tauth=pass${if eq{$acl_c_auth_public_name}{}{}{ ($acl_c_auth_public_name)}} smtp.auth=$authenticated_id warn condition = ${if eq{$authentication_failed}{1}{yes}{no}} set acl_m_auth_results = ${acl_m_auth_results};\n\tauth=failed${if eq{$acl_c_auth_public_name}{}{}{ ($acl_c_auth_public_name)}} smtp.auth=${sg{$authenticated_fail_id}{\N\s*\(set_id=(.*)\)\N}{\$1}} ') dnl ifelse_strstr(confAUTH_RESULTS_ADD, `CUSTOM', `') ') dnl ifelse(SECTION, `ACL_CHECK_MAIL', `') dnl #################### /MAIL #################### dnl #################### QUIT #################### ifelse(SECTION, `ACL_CHECK_QUIT', `dnl warn condition = ${if >{0$acl_c_auth_attemps}{0}{yes}{no}} set acl_c_authentication_failed = ${eval:0$acl_c_authentication_failed + $acl_c_auth_attemps - ${if eq{$authentication_failed}{1}{0}{1}}} ') dnl ifelse(SECTION, `ACL_CHECK_QUIT', `') dnl #################### /QUIT #################### dnl #################### NOTQUIT #################### ifelse(SECTION, `ACL_CHECK_NOTQUIT', `dnl warn condition = ${if >{0$acl_c_auth_attemps}{0}{yes}{no}} set acl_c_authentication_failed = ${eval:0$acl_c_authentication_failed + $acl_c_auth_attemps - ${if eq{$authentication_failed}{1}{0}{1}}} ') dnl ifelse(SECTION, `ACL_CHECK_NOTQUIT', `') dnl #################### /NOTQUIT #################### dnl #################### RCPT #################### ifelse(SECTION, `ACL_CHECK_RCPT', `dnl ifdef(`confSMTP_AUTH_RESTRICT', `ifelse(`X'confSMTP_AUTH_RESTRICT, `X', `', `dnl ifelse_strstr(confSMTP_AUTH_RESTRICT, `ENFORCE_ON_SUBMIT', `define(`confSMTP_AUTH_RESTRICT', confSMTP_AUTH_RESTRICT` ENFORCE_AUTH_ON_PORT_587')')dnl ifelse_strstr(confSMTP_AUTH_RESTRICT, `ENFORCE_AUTH_ON_PORT_587', `dnl deny condition = ${if ={$received_port}{587}{yes}{no}} !authenticated = * ifelse_strstr(confSMTP_AUTH_RESTRICT, `ENFORCE_AUTH_ON_PORT_587_SKIP', `ifdef(`confSMTP_AUTH_RESTRICT_ENFORCE_AUTH_ON_PORT_587_SKIP_HOSTS', `dnl ! hosts = confSMTP_AUTH_RESTRICT_ENFORCE_AUTH_ON_PORT_587_SKIP_HOSTS ')') dnl message = You must authenticate first (received port: $received_port) ') dnl ifelse_strstr(confSMTP_AUTH_RESTRICT, `ENFORCE_AUTH_ON_PORT_587', `') ifelse_strstr(confSMTP_AUTH_RESTRICT, `ENFORCE_AUTH_ON_PORT_465', `dnl deny condition = ${if ={$received_port}{465}{yes}{no}} !authenticated = * ifelse_strstr(confSMTP_AUTH_RESTRICT, `ENFORCE_AUTH_ON_PORT_465_SKIP', `ifdef(`confSMTP_AUTH_RESTRICT_ENFORCE_AUTH_ON_PORT_465_SKIP_HOSTS', `dnl ! hosts = confSMTP_AUTH_RESTRICT_ENFORCE_AUTH_ON_PORT_465_SKIP_HOSTS ')') dnl message = You must authenticate first (received port: $received_port) ') dnl ifelse_strstr(confSMTP_AUTH_RESTRICT, `ENFORCE_AUTH_ON_PORT_465', `') ifelse_strstr(confSMTP_AUTH_RESTRICT, `DISABLE_AUTH_WITHOUT_TLS_SKIP', `dnl deny condition = ${if eq{$acl_m_auth_witout_tls}{}{no}{yes}} condition = ${lookup{$authenticated_id}wildlsearch{CONFDIR/authplain-enabled}{no}{yes}} message = $acl_m_auth_witout_tls ') dnl ifelse_strstr(confSMTP_AUTH_RESTRICT, `DISABLE_AUTH_WITHOUT_TLS_SKIP', `dnl') ifelse_strstr(confSMTP_AUTH_RESTRICT, `LOGIN_MISMATCH_MAPS', `dnl deny authenticated = * condition = ${if eq{$sender_address}{}{no}{yes}} set acl_m0 = ${lookup{$sender_address}wildlsearch{CONFDIR/senders-login-maps}{$value}{}} ifdef(`confLDAP_PROTO', `ifelse(confLDAP_PROTO, `ldaps', `dnl set acl_m0 = ${if match{$acl_m0}{\N(^\$|[^\\]\$)\N}{${sg{$acl_m0}{ldap://}{confLDAP_PROTO://}}}{$acl_m0}} ')')dnl set acl_m0 = ${if match{$acl_m0}{\N(^\$|[^\\]\$)\N}{${expand:$acl_m0}}{$acl_m0}} set acl_m0 = ${sg{${sg{$acl_m0}{\N^\s+\N}{}}}{\N\s+$\N}{}} set acl_m0 = (?i)^(${sg{$acl_m0}{\N\s*:\s*\N}{|}})\$ condition = ${if match{$authenticated_id}{$acl_m0}{no}{yes}} message = Authenticated sender login mismatch.\n\ You may disable SMTP authentication and contact postmaster@$qualify_domain log_message = Authenticated sender login mismatch (authenticated_id: $authenticated_id) ', `dnl ifelse_strstr(confSMTP_AUTH_RESTRICT, `LOGIN_MISMATCH_MAPS', `') ifelse_strstr(confSMTP_AUTH_RESTRICT, `LOGIN_MISMATCH', `dnl deny authenticated = * condition = ${if eq{$authenticated_id}{$sender_address}{no}{yes}} condition = ${if eq{$sender_address}{}{no}{yes}} condition = ${if and{\ {!match{$authenticated_id}{@}}\ {eq{$authenticated_id@$qualify_domain}{$sender_address}}\ }{no}{yes}} condition = ${if and{\ {!match{$authenticated_id}{@}}\ {match_domain{$sender_address_domain}{+local_domains}}\ {eq{$authenticated_id}{$sender_address_local_part}}\ }{no}{yes}} message = Authenticated sender login mismatch.\n\ You may disable SMTP authentication and contact postmaster@$qualify_domain log_message = Authenticated sender login mismatch (authenticated_id: $authenticated_id) ') dnl ifelse_strstr(confSMTP_AUTH_RESTRICT, `LOGIN_MISMATCH', `') ') dnl ifelse_strstr(confSMTP_AUTH_RESTRICT, `LOGIN_MISMATCH_MAPS', `') ')') dnl ifdef(`confSMTP_AUTH_RESTRICT', `ifelse(`X'confSMTP_AUTH_RESTRICT, `X', `', `')') ') dnl ifelse(SECTION, `ACL_CHECK_RCPT', `') dnl #################### /RCPT #################### dnl #################### DATA #################### ifelse(SECTION, `ACL_CHECK_DATA', `dnl ifelse_strstr(confSMTP_AUTH_RESTRICT, `LOGIN_MISMATCH_MAPS', `dnl warn authenticated = * condition = ${if eq{$sender_address}{}{no}{yes}} condition = ${if eq{${address:${sg{$rh_From:}{:}{\\\\:}}}}{$sender_address}{no}{yes}} log_message = The address from the header From does not match the sender address from the envelope From. Header From: $rh_From: ') dnl ifelse_strstr(confSMTP_AUTH_RESTRICT, `LOGIN_MISMATCH_MAPS', `') ') dnl ifelse(SECTION, `ACL_CHECK_DATA', `') dnl #################### /DATA #################### dnl #################### AUTHENTICATORS #################### ifelse(SECTION, `AUTHENTICATORS', `dnl ifdef(`confSMTP_AUTH_SOURCE', `dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `DOVECOT', `dnl ifdef(`confSMTP_AUTH_CRAM_MD5', `ifelse(confSMTP_AUTH_CRAM_MD5, `YES', `dnl srv_auth_dovecot_cram_md5: driver = dovecot public_name = CRAM-MD5 ifdef(`confSMTP_AUTH_CRAM_MD5_ADVERTIZE_CONDITION', `ifelse(len(X`'confSMTP_AUTH_CRAM_MD5_ADVERTIZE_CONDITION), `1', `', `dnl server_advertise_condition = confSMTP_AUTH_CRAM_MD5_ADVERTIZE_CONDITION ')') dnl server_socket = confSMTP_AUTH_DOVECOT_SOCKET server_set_id = $auth1 ifelse(confSMTP_AUTH_RELAY, `NO', `dnl server_condition = ${acl{acl_set_auth_public_name}{CRAM-MD5}}yes ', `dnl server_condition = ${acl{acl_set_auth_public_name}{CRAM-MD5}}${if eq{${acl{acl_auth_relay}{$auth1}}}{skip_auth}{yes}{yes}} ') dnl define(`confSMTP_AUTH_CRAM_MD5', `')dnl ')') dnl ifdef(`confSMTP_AUTH_CRAM_MD5', `ifelse(confSMTP_AUTH_CRAM_MD5, `YES', `')') ifdef(`confSMTP_AUTH_DIGEST_MD5', `ifelse(confSMTP_AUTH_DIGEST_MD5, `YES', `dnl srv_auth_dovecot_digest_md5: driver = dovecot public_name = DIGEST-MD5 ifdef(`confSMTP_AUTH_DIGEST_MD5_ADVERTIZE_CONDITION', `ifelse(len(X`'confSMTP_AUTH_DIGEST_MD5_ADVERTIZE_CONDITION), `1', `', `dnl server_advertise_condition = confSMTP_AUTH_DIGEST_MD5_ADVERTIZE_CONDITION ')') dnl server_socket = confSMTP_AUTH_DOVECOT_SOCKET server_set_id = $auth1 ifelse(confSMTP_AUTH_RELAY, `NO', `dnl server_condition = ${acl{acl_set_auth_public_name}{DIGEST-MD5}}yes ', `dnl server_condition = ${acl{acl_set_auth_public_name}{DIGEST-MD5}}${if eq{${acl{acl_auth_relay}{$auth1}}}{skip_auth}{yes}{yes}} ') dnl define(`confSMTP_AUTH_DIGEST_MD5', `')dnl ')') dnl ifdef(`confSMTP_AUTH_DIGEST_MD5', `ifelse(confSMTP_AUTH_DIGEST_MD5, `YES', `')') ifdef(`confSMTP_AUTH_PLAIN', `ifelse(confSMTP_AUTH_PLAIN, `YES', `dnl srv_auth_dovecot_plain: driver = dovecot public_name = PLAIN ifdef(`confSMTP_AUTH_PLAIN_ADVERTIZE_CONDITION', `ifelse(len(X`'confSMTP_AUTH_PLAIN_ADVERTIZE_CONDITION), `1', `', `dnl server_advertise_condition = confSMTP_AUTH_PLAIN_ADVERTIZE_CONDITION ')') dnl server_socket = confSMTP_AUTH_DOVECOT_SOCKET server_set_id = $auth1 ifelse(confSMTP_AUTH_RELAY, `NO', `dnl server_condition = ${acl{acl_set_auth_public_name}{PLAIN}}yes ', `dnl server_condition = ${acl{acl_set_auth_public_name}{PLAIN}}${if eq{${acl{acl_auth_relay}{$auth1}}}{skip_auth}{yes}{yes}} ') dnl define(`confSMTP_AUTH_PLAIN', `')dnl ')') dnl ifdef(`confSMTP_AUTH_PLAIN', `ifelse(confSMTP_AUTH_PLAIN, `YES', `')') ifdef(`confSMTP_AUTH_LOGIN', `ifelse(confSMTP_AUTH_LOGIN, `YES', `dnl srv_auth_dovecot_login: driver = dovecot public_name = LOGIN ifdef(`confSMTP_AUTH_LOGIN_ADVERTIZE_CONDITION', `ifelse(len(X`'confSMTP_AUTH_LOGIN_ADVERTIZE_CONDITION), `1', `', `dnl server_advertise_condition = confSMTP_AUTH_LOGIN_ADVERTIZE_CONDITION ')') dnl server_socket = confSMTP_AUTH_DOVECOT_SOCKET server_set_id = $auth1 ifelse(confSMTP_AUTH_RELAY, `NO', `dnl server_condition = ${acl{acl_set_auth_public_name}{LOGIN}}yes ', `dnl server_condition = ${acl{acl_set_auth_public_name}{LOGIN}}${if eq{${acl{acl_auth_relay}{$auth1}}}{skip_auth}{yes}{yes}} ') dnl define(`confSMTP_AUTH_LOGIN', `')dnl ')') dnl ifdef(`confSMTP_AUTH_LOGIN', `ifelse(confSMTP_AUTH_LOGIN, `YES', `')') ifdef(`confSMTP_AUTH_NTLM', `ifelse(confSMTP_AUTH_NTLM, `YES', `dnl srv_auth_dovecot_ntlm: driver = dovecot public_name = NTLM ifdef(`confSMTP_AUTH_NTLM_ADVERTIZE_CONDITION', `ifelse(len(X`'confSMTP_AUTH_NTLM_ADVERTIZE_CONDITION), `1', `', `dnl server_advertise_condition = confSMTP_AUTH_NTLM_ADVERTIZE_CONDITION ')') dnl server_socket = confSMTP_AUTH_DOVECOT_SOCKET server_set_id = $auth1 ifelse(confSMTP_AUTH_RELAY, `NO', `dnl server_condition = ${acl{acl_set_auth_public_name}{NTLM}}yes ', `dnl server_condition = ${acl{acl_set_auth_public_name}{NTLM}}${if eq{${acl{acl_auth_relay}{$auth2}}}{skip_auth}{yes}{yes}} ') dnl define(`confSMTP_AUTH_NTLM', `')dnl ')') dnl ifdef(`confSMTP_AUTH_NTLM', `ifelse(confSMTP_AUTH_NTLM, `YES', `')') ') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `DOVECOT', `') ') dnl ifdef(`confSMTP_AUTH_SOURCE', `') ifdef(`confSMTP_AUTH_NTLM_DC', `ifelse(confSMTP_AUTH_NTLM_DC, `YES', `dnl srv_auth_ntlm_dc: driver = cyrus_sasl public_name = NTLM ifdef(`confSMTP_AUTH_NTLM_DC_ADVERTIZE_CONDITION', `ifelse(len(X`'confSMTP_AUTH_NTLM_DC_ADVERTIZE_CONDITION), `1', `', `dnl server_advertise_condition = confSMTP_AUTH_NTLM_DC_ADVERTIZE_CONDITION ')') dnl server_realm = confSMTP_AUTH_NTLM_DC_DOMAIN server_set_id = $auth1 ifelse(confSMTP_AUTH_RELAY, `NO', `dnl server_condition = ${acl{acl_set_auth_public_name}{NTLM}}yes ', `dnl server_condition = ${acl{acl_set_auth_public_name}{NTLM}}${if eq{${acl{acl_auth_relay}{$auth2}}}{skip_auth}{yes}{yes}} ') dnl ')') dnl ifdef(`confSMTP_AUTH_NTLM_DC', `ifelse(confSMTP_AUTH_NTLM_DC, `YES', `')') ifdef(`confSMTP_AUTH_NTLM', `ifelse(confSMTP_AUTH_NTLM, `YES', `dnl srv_auth_ntlm: driver = spa public_name = NTLM ifdef(`confSMTP_AUTH_NTLM_ADVERTIZE_CONDITION', `ifelse(len(X`'confSMTP_AUTH_NTLM_ADVERTIZE_CONDITION), `1', `', `dnl server_advertise_condition = confSMTP_AUTH_NTLM_ADVERTIZE_CONDITION ')') dnl # server_secret = ${if eq{$auth1}{login}{password}fail} ifdef(`confSMTP_AUTH_SOURCE', `dnl dnl ifelse(confSMTP_AUTH_SOURCE, `PASSWD_PLAIN', `dnl # server_password = ${lookup{$auth1}lsearch{confSMTP_AUTH_PASSWD_PLAIN}{\ # ${sg{${extract{1}{:}{$value}}}{\N^\{\S+\}\N}{}}\ # }{\ # ${lookup{$auth1@$qualify_domain}lsearch{confSMTP_AUTH_PASSWD_PLAIN}{\ # ${sg{${extract{1}{:}{$value}}}{\N^\{\S+\}\N}{}}\ # }fail}\ # }}\ server_password = ${lookup{$auth1}lsearch{confSMTP_AUTH_PASSWD_PLAIN}{\ ${sg{${extract{1}{:}{$value}}}{\N^\{\S+\}\N}{}}\ }fail} ') dnl ifelse(confSMTP_AUTH_SOURCE, `PASSWD_PLAIN', `') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAP_PLAIN', `dnl server_password = ${lookup ldap{\ user=${quote_ldap_dn:confSMTP_AUTH_LDAP_LOGIN} pass=${quote:confSMTP_AUTH_LDAP_PASS} ifdef(`confSMTP_AUTH_LDAP_EXTRAATTR', `ifelse(`X'confSMTP_AUTH_LDAP_EXTRAATTR, `X', `', `confSMTP_AUTH_LDAP_EXTRAATTR ')')\ confLDAP_PROTO://confSMTP_AUTH_LDAP_HOST/confSMTP_AUTH_LDAP_BASE?dn,cn?sub?\ replace_str(confSMTP_AUTH_LDAP_FILTER, `LOGIN', `${quote_ldap_dn:$auth1}')\ }{\ ${sg{${extract{confSMTP_AUTH_LDAP_PASSWD_ATTR}{$value}}}{\N^\{\S+\}\N}{}}\ }fail} ') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAP_PLAIN', `') dnl ifelse(confSMTP_AUTH_SOURCE, `MYSQL_PLAIN', `dnl server_password = ${lookup mysql{\ ${sg{\ confSMTP_AUTH_MYSQL_PLAIN \ }{\NLOGIN\N}{${quote_mysql:$auth1}}}\ }{$value}fail} ') dnl ifelse(confSMTP_AUTH_SOURCE, `MYSQL_PLAIN', `') dnl ifelse(confSMTP_AUTH_SOURCE, `SQLITE_PLAIN', `dnl server_password = ${lookup sqlite,file=confSQLITE{\ ${sg{\ confSMTP_AUTH_SQLITE_PLAIN \ }{\NLOGIN\N}{${quote_sqlite:$auth1}}}\ }{$value}fail} ') dnl ifelse(confSMTP_AUTH_SOURCE, `SQLITE_PLAIN', `') dnl ') dnl ifdef(`confSMTP_AUTH_SOURCE', `') server_set_id = $auth1 ifelse(confSMTP_AUTH_RELAY, `NO', `dnl server_condition = ${acl{acl_set_auth_public_name}{NTLM}}yes ', `dnl server_condition = ${if eq{${acl{acl_auth_relay}{$auth2}}}{skip_auth}{yes}{yes}} ') dnl ')') dnl ifdef(`confSMTP_AUTH_NTLM', `ifelse(confSMTP_AUTH_NTLM, `YES', `')') ifdef(`confSMTP_AUTH_PLAIN', `ifelse(confSMTP_AUTH_PLAIN, `YES', `dnl define(`confSMTP_AUTH_PUBLIC_NAME', `PLAIN')dnl srv_auth_plain: driver = plaintext public_name = PLAIN ifdef(`confSMTP_AUTH_PLAIN_ADVERTIZE_CONDITION', `ifelse(len(X`'confSMTP_AUTH_PLAIN_ADVERTIZE_CONDITION), `1', `', `dnl server_advertise_condition = confSMTP_AUTH_PLAIN_ADVERTIZE_CONDITION ')') dnl server_prompts = : ifdef(`confSMTP_AUTH_SOURCE', `dnl dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `PASSWD', `dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `PASSWD_PLAIN', `dnl server_condition = ${acl{acl_set_auth_public_name}{PLAIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth2}}}{skip_auth}{yes}{\ ')${if eq{$auth3}{\ ${extract{1}{:}{\ ${lookup{$auth2}lsearch{confSMTP_AUTH_PASSWD_PLAIN}{${sg{$value}{\N^\{\S+\}\N}{}}}{\ ${lookup{$auth2@$qualify_domain}lsearch{confSMTP_AUTH_PASSWD_PLAIN}{${sg{$value}{\N^\{\S+\}\N}{}}}fail}\ }}\ }}\ }{yes}{no}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ', `dnl server_condition = ${acl{acl_set_auth_public_name}{PLAIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth2}}}{skip_auth}{yes}{\ ')${if crypteq{$auth3}{\ ${extract{1}{:}{\ ${lookup{$auth2}lsearch{confSMTP_AUTH_PASSWD}{${sg{$value}{\N^\{\S+\}\N}{}}}{\ ${lookup{$auth2@$qualify_domain}lsearch{confSMTP_AUTH_PASSWD}{${sg{$value}{\N^\{\S+\}\N}{}}}fail}\ }}\ }}\ }{yes}{no}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `PASSWD_PLAIN', `') ') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `PASSWD', `') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAPAUTH', `dnl server_condition = ${acl{acl_set_auth_public_name}{PLAIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth2}}}{skip_auth}{yes}{\ ')${if ldapauth{\ user=${quote_ldap_dn:replace_str(confSMTP_AUTH_LDAPAUTH_LOGIN, `LOGIN', `$auth2')} \ pass=${quote:$auth3} \ confLDAP_PROTO://confSMTP_AUTH_LDAPAUTH_HOST/\ }{yes}{no}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAPAUTH', `') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAP_PLAIN', `dnl server_condition = ${acl{acl_set_auth_public_name}{PLAIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth2}}}{skip_auth}{yes}{\ ')${lookup ldap{\ user=${quote_ldap_dn:confSMTP_AUTH_LDAP_LOGIN} pass=${quote:confSMTP_AUTH_LDAP_PASS} ifdef(`confSMTP_AUTH_LDAP_EXTRAATTR', `ifelse(`X'confSMTP_AUTH_LDAP_EXTRAATTR, `X', `', `confSMTP_AUTH_LDAP_EXTRAATTR ')') \ confLDAP_PROTO://confSMTP_AUTH_LDAP_HOST/confSMTP_AUTH_LDAP_BASE?dn,cn`'ifdef(`confSMTP_AUTH_LDAP_PASSWD_ATTR', `,confSMTP_AUTH_LDAP_PASSWD_ATTR')?sub?\ replace_str(confSMTP_AUTH_LDAP_FILTER, `LOGIN', `${quote_ldap_dn:$auth2}')\ }{\ ${if eq{$auth3}{\ ${sg{${extract{confSMTP_AUTH_LDAP_PASSWD_ATTR}{$value}}}{\N^\{\S+\}\N}{}}\ }{yes}{no}}\ }{no}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAP_PLAIN', `') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAP', `dnl server_condition = ${acl{acl_set_auth_public_name}{PLAIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth2}}}{skip_auth}{yes}{\ ')${lookup ldap{\ user=${quote_ldap_dn:replace_str(confSMTP_AUTH_LDAP_LOGIN, `LOGIN', `$auth2')} pass=${quote:replace_str(confSMTP_AUTH_LDAP_PASS, `PASSWORD', `$auth3')} ifdef(`confSMTP_AUTH_LDAP_EXTRAATTR', `ifelse(`X'confSMTP_AUTH_LDAP_EXTRAATTR, `X', `', `confSMTP_AUTH_LDAP_EXTRAATTR ')')\ confLDAP_PROTO://confSMTP_AUTH_LDAP_HOST/confSMTP_AUTH_LDAP_BASE?dn,cn`'ifdef(`confSMTP_AUTH_LDAP_PASSWD_ATTR', `,confSMTP_AUTH_LDAP_PASSWD_ATTR')?sub?\ replace_str(confSMTP_AUTH_LDAP_FILTER, `LOGIN', `${quote_ldap_dn:$auth2}')\ }ifdef(`confSMTP_AUTH_LDAP_PASSWD_ATTR', `{\ ${if crypteq{$auth3}{\ ${sg{${extract{confSMTP_AUTH_LDAP_PASSWD_ATTR}{$value}}}{\N^\{\S+\}\N}{}}\ }{yes}{no}}\ }', `{yes}'){no}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAP', `') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `MYSQL', `dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `MYSQL_PLAIN', `dnl server_condition = ${acl{acl_set_auth_public_name}{PLAIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth2}}}{skip_auth}{yes}{\ ')${if eq{$auth3}{\ ${lookup mysql{\ ${sg{\ confSMTP_AUTH_MYSQL_PLAIN \ }{\NLOGIN\N}{${quote_mysql:$auth2}}}\ }{${sg{$value}{\N^\{\S+\}\N}{}}}fail}\ }{yes}{no}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ', `dnl server_condition = ${acl{acl_set_auth_public_name}{PLAIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth2}}}{skip_auth}{yes}{\ ')${if crypteq{$auth3}{\ ${lookup mysql{\ ${sg{\ confSMTP_AUTH_MYSQL\ }{\NLOGIN\N}{${quote_mysql:$auth2}}}\ }{\ ${sg{$value}{\N^\{\S+\}\N}{}}\ }{\ ${lookup mysql{ \ ${sg{\ confSMTP_AUTH_MYSQL \ }{\NLOGIN\N}{${quote_mysql:$auth2@$qualify_domain}}}\ }{\ ${sg{$value}{\N^\{\S+\}\N}{}}\ }fail}\ }}\ }{yes}{no}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `MYSQL_PLAIN', `') ') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `MYSQL', `') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `SQLITE', `dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `SQLITE_PLAIN', `dnl server_condition = ${acl{acl_set_auth_public_name}{PLAIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth2}}}{skip_auth}{yes}{\ ')${if eq{$auth3}{\ ${lookup sqlite,file=confSQLITE{\ ${sg{\ confSMTP_AUTH_SQLITE_PLAIN \ }{\NLOGIN\N}{${quote_sqlite:$auth2}}}\ }{${sg{$value}{\N^\{\S+\}\N}{}}}fail}\ }{yes}{no}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ', `dnl server_condition = ${acl{acl_set_auth_public_name}{PLAIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth2}}}{skip_auth}{yes}{\ ')${if crypteq{$auth3}{\ ${lookup sqlite,file=confSQLITE{\ ${sg{\ confSMTP_AUTH_SQLITE \ }{\NLOGIN\N}{${quote_sqlite:$auth2}}}\ }{${sg{$value}{\N^\{\S+\}\N}{}}}fail}\ }{yes}{no}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `SQLITE_PLAIN', `') ') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `SQLITE', `') dnl ifelse(confSMTP_AUTH_SOURCE, `SMTP', `dnl server_condition = ${acl{acl_set_auth_public_name}{PLAIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth2}}}{skip_auth}{yes}{\ ')${perl{smtp_login}{confSMTP_AUTH_SMTP_HOST}{confSMTP_AUTH_SMTP_PORT}{$qualify_domain}{confSMTP_AUTH_SMTP_MECH}{$auth2}{$auth3}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ') dnl ifelse(confSMTP_AUTH_SOURCE, `SMTP', `') dnl ifelse(confSMTP_AUTH_SOURCE, `SMTPTLS', `dnl server_condition = ${acl{acl_set_auth_public_name}{PLAIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth2}}}{skip_auth}{yes}{\ ')${perl{smtptls_login}{confSMTP_AUTH_SMTPTLS_HOST}{confSMTP_AUTH_SMTPTLS_PORT}{${if eq{confSMTP_AUTH_SMTPTLS_NOTLS}{NO}{0}{1}}}{$qualify_domain}{$auth2}{$auth3}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ') dnl ifelse(confSMTP_AUTH_SOURCE, `SMTPTLS', `') dnl ifelse(confSMTP_AUTH_SOURCE, `IMAP', `dnl server_condition = ${acl{acl_set_auth_public_name}{PLAIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth2}}}{skip_auth}{yes}{\ ')${perl{imap_login}{confSMTP_AUTH_IMAP_HOST}{confSMTP_AUTH_IMAP_PORT}{$auth2}{$auth3}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ') dnl ifelse(confSMTP_AUTH_SOURCE, `IMAP', `') dnl ifelse(confSMTP_AUTH_SOURCE, `PAM', `dnl server_condition = ${acl{acl_set_auth_public_name}{PLAIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth2}}}{skip_auth}{yes}{\ ')${if pam{$auth2:${sg{$auth3}{:}{::}}}{yes}{no}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ') dnl ifelse(confSMTP_AUTH_SOURCE, `PAM', `') ifelse(confSMTP_AUTH_SOURCE, `RADIUS', `dnl server_condition = ${acl{acl_set_auth_public_name}{PLAIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth2}}}{skip_auth}{yes}{\ ')${if radius{$auth2:${sg{$auth3}{:}{::}}}{yes}{no}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ') dnl ifelse(confSMTP_AUTH_SOURCE, `RADIUS', `') dnl ifelse(confSMTP_AUTH_SOURCE, `SASLAUTHD', `dnl # server_condition = ${if saslauthd{{username}{password}{service}{realm}}{yes}{no}} server_condition = ${acl{acl_set_auth_public_name}{PLAIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth2}}}{skip_auth}{yes}{\ ')${if saslauthd{{${local_part:$auth2}}{$auth3}{}{${domain:$auth2}}}{yes}{no}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ') dnl ifelse(confSMTP_AUTH_SOURCE, `SASLAUTHD', `') dnl ifelse(confSMTP_AUTH_SOURCE, `CUSTOM', `dnl server_condition = ${acl{acl_set_auth_public_name}{PLAIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth2}}}{skip_auth}{yes}{\ ')replace_all_substr(`replace_all_substr(`replace_all_substr(`replace_all_substr(confSMTP_AUTH_CUSTOM_SERVER_CONDITION,`x24LOGIN',`x24auth2')',`x7BLOGIN',`x7B$auth2')',`LOGIN',`$auth2')',`PASSWORD',`$auth3')ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ') dnl ifelse(confSMTP_AUTH_SOURCE, `CUSTOM', `') dnl ') dnl ifdef(`confSMTP_AUTH_SOURCE', `') server_set_id = $auth2 ')') dnl ifdef(`confSMTP_AUTH_PLAIN', `ifelse(confSMTP_AUTH_PLAIN, `YES', `')') ifdef(`confSMTP_AUTH_LOGIN', `ifelse(confSMTP_AUTH_LOGIN, `YES', `dnl define(`confSMTP_AUTH_PUBLIC_NAME', `LOGIN')dnl srv_auth_login: driver = plaintext public_name = LOGIN ifdef(`confSMTP_AUTH_LOGIN_ADVERTIZE_CONDITION', `ifelse(len(X`'confSMTP_AUTH_LOGIN_ADVERTIZE_CONDITION), `1', `', `dnl server_advertise_condition = confSMTP_AUTH_LOGIN_ADVERTIZE_CONDITION ')') dnl server_prompts = Username:: : Password:: ifdef(`confSMTP_AUTH_SOURCE', `dnl dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `PASSWD', `dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `PASSWD_PLAIN', `dnl server_condition = ${acl{acl_set_auth_public_name}{LOGIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth1}}}{skip_auth}{yes}{\ ')${if eq{$auth2}{\ ${extract{1}{:}{\ ${lookup{$auth1}lsearch{confSMTP_AUTH_PASSWD_PLAIN}{${sg{$value}{\N^\{\S+\}\N}{}}}{\ ${lookup{$auth1@$qualify_domain}lsearch{confSMTP_AUTH_PASSWD_PLAIN}{${sg{$value}{\N^\{\S+\}\N}{}}}fail}\ }}\ }}\ }{yes}{no}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ', `dnl server_condition = ${acl{acl_set_auth_public_name}{LOGIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth1}}}{skip_auth}{yes}{\ ')${if crypteq{$auth2}{\ ${extract{1}{:}{\ ${lookup{$auth1}lsearch{confSMTP_AUTH_PASSWD}{${sg{$value}{\N^\{\S+\}\N}{}}}{\ ${lookup{$auth1@$qualify_domain}lsearch{confSMTP_AUTH_PASSWD}{${sg{$value}{\N^\{\S+\}\N}{}}}fail}\ }}\ }}\ }{yes}{no}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `PASSWD_PLAIN', `') ') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `PASSWD', `') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAPAUTH', `dnl server_condition = ${acl{acl_set_auth_public_name}{LOGIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth1}}}{skip_auth}{yes}{\ ')${if ldapauth{\ user=${quote_ldap_dn:replace_str(confSMTP_AUTH_LDAPAUTH_LOGIN, `LOGIN', `$auth1')} \ pass=${quote:$auth2} \ confLDAP_PROTO://confSMTP_AUTH_LDAPAUTH_HOST/\ }{yes}{no}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAPAUTH', `') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAP_PLAIN', `dnl server_condition = ${acl{acl_set_auth_public_name}{LOGIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth1}}}{skip_auth}{yes}{\ ')${lookup ldap{ \ user=${quote_ldap_dn:confSMTP_AUTH_LDAP_LOGIN} pass=${quote:confSMTP_AUTH_LDAP_PASS} ifdef(`confSMTP_AUTH_LDAP_EXTRAATTR', `ifelse(`X'confSMTP_AUTH_LDAP_EXTRAATTR, `X', `', `confSMTP_AUTH_LDAP_EXTRAATTR ')')\ confLDAP_PROTO://confSMTP_AUTH_LDAP_HOST/confSMTP_AUTH_LDAP_BASE?dn,cn`'ifdef(`confSMTP_AUTH_LDAP_PASSWD_ATTR', `,confSMTP_AUTH_LDAP_PASSWD_ATTR')?sub?\ replace_str(confSMTP_AUTH_LDAP_FILTER, `LOGIN', `${quote_ldap_dn:$auth1}')\ }{\ ${if eq{$auth2}{${sg{${extract{confSMTP_AUTH_LDAP_PASSWD_ATTR}{$value}}}{\N^\{\S+\}\N}{}}}{yes}{no}}\ }{no}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAP_PLAIN', `') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAP', `dnl server_condition = ${acl{acl_set_auth_public_name}{LOGIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth1}}}{skip_auth}{yes}{\ ')${lookup ldap{ \ user=${quote_ldap_dn:replace_str(confSMTP_AUTH_LDAP_LOGIN, `LOGIN', `$auth1')} pass=${quote:replace_str(confSMTP_AUTH_LDAP_PASS, `PASSWORD', `$auth2')} ifdef(`confSMTP_AUTH_LDAP_EXTRAATTR', `ifelse(`X'confSMTP_AUTH_LDAP_EXTRAATTR, `X', `', `confSMTP_AUTH_LDAP_EXTRAATTR ')')\ confLDAP_PROTO://confSMTP_AUTH_LDAP_HOST/confSMTP_AUTH_LDAP_BASE?dn,cn`'ifdef(`confSMTP_AUTH_LDAP_PASSWD_ATTR', `,confSMTP_AUTH_LDAP_PASSWD_ATTR')?sub?\ replace_str(confSMTP_AUTH_LDAP_FILTER, `LOGIN', `${quote_ldap_dn:$auth1}')\ }ifdef(`confSMTP_AUTH_LDAP_PASSWD_ATTR', `{\ ${if crypteq{$auth2}{${sg{${extract{confSMTP_AUTH_LDAP_PASSWD_ATTR}{$value}}}{\N^\{\S+\}\N}{}}}{yes}{no}}\ }', `{yes}'){no}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAP', `') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `MYSQL', `dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `MYSQL_PLAIN', `dnl server_condition = ${acl{acl_set_auth_public_name}{LOGIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth1}}}{skip_auth}{yes}{\ ')${if eq{$auth2}{\ ${lookup mysql{\ ${sg{ confSMTP_AUTH_MYSQL_PLAIN \ }{\NLOGIN\N}{${quote_mysql:$auth1}}}\ }{${sg{$value}{\N^\{\S+\}\N}{}}}fail}\ }{yes}{no}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ', `dnl server_condition = ${acl{acl_set_auth_public_name}{LOGIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth1}}}{skip_auth}{yes}{\ ')${if crypteq{$auth2}{\ ${lookup mysql{\ ${sg{\ confSMTP_AUTH_MYSQL \ }{\NLOGIN\N}{${quote_mysql:$auth1}}}\ }{\ ${sg{$value}{\N^\{\S+\}\N}{}}\ }{\ ${lookup mysql{\ ${sg{\ confSMTP_AUTH_MYSQL \ }{\NLOGIN\N}{${quote_mysql:$auth1@$qualify_domain}}}\ }{\ ${sg{$value}{\N^\{\S+\}\N}{}}\ }fail}\ }}\ }{yes}{no}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `MYSQL_PLAIN', `') ') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `MYSQL', `') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `SQLITE', `dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `SQLITE_PLAIN', `dnl server_condition = ${acl{acl_set_auth_public_name}{LOGIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth1}}}{skip_auth}{yes}{\ ')${if eq{$auth2}{\ ${lookup sqlite,file=confSQLITE{\ ${sg{\ confSMTP_AUTH_SQLITE_PLAIN \ }{\NLOGIN\N}{${quote_sqlite:$auth1}}}\ }{${sg{$value}{\N^\{\S+\}\N}{}}}fail}\ }{yes}{no}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ', `dnl server_condition = ${acl{acl_set_auth_public_name}{LOGIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth1}}}{skip_auth}{yes}{\ ')${if crypteq{$auth2}{\ ${lookup sqlite,file=confSQLITE{\ ${sg{\ confSMTP_AUTH_SQLITE \ }{\NLOGIN\N}{${quote_sqlite:$auth1}}}\ }{${sg{$value}{\N^\{\S+\}\N}{}}}fail}\ }{yes}{no}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `SQLITE_PLAIN', `') ') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `SQLITE', `') dnl ifelse(confSMTP_AUTH_SOURCE, `SMTP', `dnl server_condition = ${acl{acl_set_auth_public_name}{LOGIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth1}}}{skip_auth}{yes}{\ ')${perl{smtp_login}{confSMTP_AUTH_SMTP_HOST}{confSMTP_AUTH_SMTP_PORT}{$qualify_domain}{confSMTP_AUTH_SMTP_MECH}{$auth1}{$auth2}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ') dnl ifelse(confSMTP_AUTH_SOURCE, `SMTP', `') dnl ifelse(confSMTP_AUTH_SOURCE, `SMTPTLS', `dnl server_condition = ${acl{acl_set_auth_public_name}{LOGIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth1}}}{skip_auth}{yes}{\ ')${perl{smtptls_login}\ {confSMTP_AUTH_SMTPTLS_HOST}{confSMTP_AUTH_SMTPTLS_PORT}{${if eq{confSMTP_AUTH_SMTPTLS_NOTLS}{NO}{0}{1}}}{$qualify_domain}{$auth1}{$auth2}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ') dnl ifelse(confSMTP_AUTH_SOURCE, `SMTPTLS', `') dnl ifelse(confSMTP_AUTH_SOURCE, `IMAP', `dnl server_condition = ${acl{acl_set_auth_public_name}{LOGIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth1}}}{skip_auth}{yes}{\ ')${perl{imap_login}{confSMTP_AUTH_IMAP_HOST}{confSMTP_AUTH_IMAP_PORT}{$auth1}{$auth2}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ') dnl ifelse(confSMTP_AUTH_SOURCE, `IMAP', `') dnl ifelse(confSMTP_AUTH_SOURCE, `PAM', `dnl server_condition = ${acl{acl_set_auth_public_name}{LOGIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth1}}}{skip_auth}{yes}{\ ')${if pam{$auth1:${sg{$auth2}{:}{::}}}{yes}{no}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ') dnl ifelse(confSMTP_AUTH_SOURCE, `PAM', `') dnl ifelse(confSMTP_AUTH_SOURCE, `RADIUS', `dnl server_condition = ${acl{acl_set_auth_public_name}{LOGIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth1}}}{skip_auth}{yes}{\ ')${if radius{$auth1:${sg{$auth2}{:}{::}}}{yes}{no}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ') dnl ifelse(confSMTP_AUTH_SOURCE, `RADIUS', `') dnl ifelse(confSMTP_AUTH_SOURCE, `SASLAUTHD', `dnl # server_condition = ${if saslauthd{{username}{password}{service}{realm}}{yes}{no}} server_condition = ${acl{acl_set_auth_public_name}{LOGIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth1}}}{skip_auth}{yes}{\ ')${if saslauthd{{${local_part:$auth1}}{$auth2}{}{${domain:$auth1}}}{yes}{no}}ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ') dnl ifelse(confSMTP_AUTH_SOURCE, `SASLAUTHD', `') dnl ifelse(confSMTP_AUTH_SOURCE, `CUSTOM', `dnl server_condition = ${acl{acl_set_auth_public_name}{LOGIN}}\ ifelse(confSMTP_AUTH_RELAY, `NO', `', `${if eq{${acl{acl_auth_relay}{$auth1}}}{skip_auth}{yes}{\ ')replace_all_substr(`replace_all_substr(`replace_all_substr(`replace_all_substr(confSMTP_AUTH_CUSTOM_SERVER_CONDITION,`x24LOGIN',`x24auth1')',`x7BLOGIN',`x7B$auth1')',`LOGIN',`$auth1')',`PASSWORD',`$auth2')ifelse(confSMTP_AUTH_RELAY, `NO', `', `\ }}') ') dnl ifelse(confSMTP_AUTH_SOURCE, `CUSTOM', `') dnl ') dnl ifdef(`confSMTP_AUTH_SOURCE', `') server_set_id = $auth1 ')') dnl ifdef(`confSMTP_AUTH_LOGIN', `ifelse(confSMTP_AUTH_LOGIN, `YES', `')') ifdef(`confSMTP_AUTH_CRAM_MD5', `ifelse(confSMTP_AUTH_CRAM_MD5, `YES', `dnl srv_auth_cram_md5: driver = cram_md5 public_name = CRAM-MD5 ifdef(`confSMTP_AUTH_CRAM_MD5_ADVERTIZE_CONDITION', `ifelse(len(X`'confSMTP_AUTH_CRAM_MD5_ADVERTIZE_CONDITION), `1', `', `dnl server_advertise_condition = confSMTP_AUTH_CRAM_MD5_ADVERTIZE_CONDITION ')') dnl # server_secret = ${if eq{$auth1}{login}{password}fail} ifdef(`confSMTP_AUTH_SOURCE', `dnl dnl ifelse(confSMTP_AUTH_SOURCE, `PASSWD_PLAIN', `dnl server_secret = ${acl{acl_set_auth_public_name}{CRAM-MD5}}\ ${lookup{$auth1}lsearch{confSMTP_AUTH_PASSWD_PLAIN}{\ {${sg{${extract{1}{:}{$value}}}{\N^\{\S+\}\N}{}}}\ }{\ ${lookup{$auth1@$qualify_domain}lsearch{confSMTP_AUTH_PASSWD_PLAIN}{\ {${sg{${extract{1}{:}{$value}}}{\N^\{\S+\}\N}{}}}}fail}\ }} ') dnl ifelse(confSMTP_AUTH_SOURCE, `PASSWD_PLAIN', `') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAP_PLAIN', `dnl server_secret = ${acl{acl_set_auth_public_name}{CRAM-MD5}}\ ${lookup ldap{ \ user=${quote_ldap_dn:confSMTP_AUTH_LDAP_LOGIN} pass=${quote:confSMTP_AUTH_LDAP_PASS} ifdef(`confSMTP_AUTH_LDAP_EXTRAATTR', `ifelse(`X'confSMTP_AUTH_LDAP_EXTRAATTR, `X', `', `confSMTP_AUTH_LDAP_EXTRAATTR ')')\ confLDAP_PROTO://confSMTP_AUTH_LDAP_HOST/confSMTP_AUTH_LDAP_BASE?dn,cn?sub?\ replace_str(confSMTP_AUTH_LDAP_FILTER, `LOGIN', `${quote_ldap_dn:$auth1}')\ }{\ ${sg{${extract{confSMTP_AUTH_LDAP_PASSWD_ATTR}{$value}}}{\N^\{\S+\}\N}{}}\ }fail} ') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAP_PLAIN', `') dnl ifelse(confSMTP_AUTH_SOURCE, `MYSQL_PLAIN', `dnl server_secret = ${acl{acl_set_auth_public_name}{CRAM-MD5}}\ ${lookup mysql{ \ ${sg{\ confSMTP_AUTH_MYSQL_PLAIN \ }{\NLOGIN\N}{${quote_mysql:$auth1}}}\ }{$value}fail} ') dnl ifelse(confSMTP_AUTH_SOURCE, `MYSQL_PLAIN', `') dnl ifelse(confSMTP_AUTH_SOURCE, `SQLITE_PLAIN', `dnl server_secret = ${acl{acl_set_auth_public_name}{CRAM-MD5}}\ ${lookup sqlite,file=confSQLITE{\ ${sg{\ confSMTP_AUTH_SQLITE_PLAIN \ }{\NLOGIN\N}{${quote_sqlite:$auth1}}}\ }{$value}fail} ') dnl ifelse(confSMTP_AUTH_SOURCE, `SQLITE_PLAIN', `') dnl ') dnl ifdef(`confSMTP_AUTH_SOURCE', `') server_set_id = $auth1 ifelse(confSMTP_AUTH_RELAY, `NO', `', `dnl server_condition = ${if eq{${acl{acl_auth_relay}{$auth2}}}{skip_auth}{yes}{yes}} ') dnl ')') dnl ifdef(`confSMTP_AUTH_CRAM_MD5', `ifelse(confSMTP_AUTH_CRAM_MD5, `YES', `')') ifdef(`confSMTP_AUTH_GSSAPI', `ifelse(confSMTP_AUTH_GSSAPI, `YES', `dnl srv_auth_gssapi: driver = heimdal_gssapi public_name = GSSAPI ifdef(`confSMTP_AUTH_GSSAPI_SERVER_SERVICE', `ifelse(`X'confSMTP_AUTH_GSSAPI_SERVER_SERVICE, `X', `', `dnl server_service = confSMTP_AUTH_GSSAPI_SERVER_SERVICE ')') dnl ifdef(`confSMTP_AUTH_GSSAPI_SERVER_HOSTNAME', `ifelse(`X'confSMTP_AUTH_GSSAPI_SERVER_HOSTNAME, `X', `', `dnl server_hostname = confSMTP_AUTH_GSSAPI_SERVER_HOSTNAME ')') dnl ifdef(`confSMTP_AUTH_GSSAPI_SERVER_KEYTAB', `ifelse(`X'confSMTP_AUTH_GSSAPI_SERVER_KEYTAB, `X', `', `dnl server_keytab = confSMTP_AUTH_GSSAPI_SERVER_KEYTAB ')') dnl server_set_id = $auth1 ifelse(confSMTP_AUTH_RELAY, `NO', `', `dnl server_condition = ${if eq{${acl{acl_auth_relay}{$auth2}}}{skip_auth}{yes}{yes}} ') dnl ')') dnl ifdef(`confSMTP_AUTH_GSSAPI', `ifelse(confSMTP_AUTH_GSSAPI, `YES', `')') ') dnl ifelse(SECTION, `AUTHENTICATORS', `') dnl #################### /AUTHENTICATORS #################### dnl #################### ACLS_ADDITIONAL #################### ifelse(SECTION, `ACLS_ADDITIONAL', `dnl acl_set_auth_public_name: accept set acl_c_auth_public_name = $acl_arg1 ') dnl ifelse(SECTION, `ACLS_ADDITIONAL', `') dnl #################### /ACLS_ADDITIONAL ####################