On Thu, 25 Mar 2004, Roy Badami wrote:
I notice that it bypasses the SPF tests if the user has successfully
authenticated with SASL. How do I make it also bypass the
SPF checks if the connection has been authenticated with STARTTLS ?
You have to use smfi_getsymval(ctx,str) to lookup "macros" passed
by sendmail.cf.
Here are the macros set by my sendmail.cf:
O Milter.macros.connect=j, _, {daemon_name}, {if_name}, {if_addr}
O Milter.macros.helo={tls_version}, {cipher}, {cipher_bits}, {cert_subject},
{cert_issuer}
O Milter.macros.envfrom=i, {auth_type}, {auth_authen}, {auth_ssf},
{auth_author}, {mail_mailer}, {mail_host}, {mail_addr}
O Milter.macros.envrcpt={rcpt_mailer}, {rcpt_host}, {rcpt_addr}
I think you'll find what you need in there (cert_subject will identify
the client).
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Very few of our customers are going to have a pure Unix
or pure Windows environment." - Dennis Oldroyd, Microsoft Corporation