ifelse(SECTION, `MAIN', `dnl define(`confSMTP_AUTH_ADVERTIZE', `*')dnl ifdef(`confSMTP_AUTH_SKIP_ADVERTIZE', `ifelse(confSMTP_AUTH_SKIP_ADVERTIZE, `NO', `dnl', `dnl hostlist skip_auth_advertise = CONFDIR/skip_auth_advertise define(`confSMTP_AUTH_ADVERTIZE', `!+skip_auth_advertise : *')dnl ')') ifelse_strstr(confSMTP_AUTH_RESTRICT` ', `DISABLE_AUTH_WITHOUT_TLS ', ` auth_advertise_hosts = ifelse_strstr(confSMTP_AUTH_RESTRICT, `DISABLE_AUTH_ON_PORT_25', `${if eq{$received_port}{25}{ifdef(`confSMTP_AUTH_RESTRICT_DISABLE_AUTH_ON_PORT_25_SKIP_HOSTS', confSMTP_AUTH_RESTRICT_DISABLE_AUTH_ON_PORT_25_SKIP_HOSTS)}{')${if eq{$tls_cipher}{}{confSMTP_AUTH_RESTRICT_DISABLE_AUTH_WITHOUT_TLS_SKIP_HOSTS}{confSMTP_AUTH_ADVERTIZE}}ifelse_strstr(confSMTP_AUTH_RESTRICT, `DISABLE_AUTH_ON_PORT_25', `}}') ', ` auth_advertise_hosts = ifelse_strstr(confSMTP_AUTH_RESTRICT, `DISABLE_AUTH_ON_PORT_25', `${if eq{$received_port}{25}{ifdef(`confSMTP_AUTH_RESTRICT_DISABLE_AUTH_ON_PORT_25_SKIP_HOSTS', confSMTP_AUTH_RESTRICT_DISABLE_AUTH_ON_PORT_25_SKIP_HOSTS)}{')confSMTP_AUTH_ADVERTIZE`'ifelse_strstr(confSMTP_AUTH_RESTRICT, `DISABLE_AUTH_ON_PORT_25', `}}') ') dnl ifelse_strstr(confSMTP_AUTH_RESTRICT` ', `DISABLE_AUTH_WITHOUT_TLS ', `') ') dnl ifelse(SECTION, `MAIN', `') ifdef(`confSMTP_AUTH_LDAP_PASSWD_ATTR', `ifelse(`X'confSMTP_AUTH_LDAP_PASSWD_ATTR, `X', `undefine(`confSMTP_AUTH_LDAP_PASSWD_ATTR')')')dnl ifelse(SECTION, `ACL_CHECK_AUTH', `dnl ifdef(`confSMTP_AUTH_RESTRICT', `ifelse(`X'confSMTP_AUTH_RESTRICT, `X', `', `dnl warn set acl_m_auth_restrict = ifelse_strstr(confSMTP_AUTH_RESTRICT` ', `DISABLE_AUTH_WITHOUT_TLS ', ` # Запрет аутентификации без шифрования для нелокальных хостов warn ! encrypted = * ! hosts = confSMTP_AUTH_RESTRICT_DISABLE_AUTH_WITHOUT_TLS_SKIP_HOSTS set acl_m_auth_restrict = STARTTLS required before SMTP AUTH ') dnl ifelse_strstr(confSMTP_AUTH_RESTRICT` ', `DISABLE_AUTH_WITHOUT_TLS ', `') ifelse_strstr(confSMTP_AUTH_RESTRICT` ', `DISABLE_PLAIN_AUTH_WITHOUT_TLS', ` # Запрет аутентификации LOGIN или PLAIN без шифрования для нелокальных хостов warn ! encrypted = * ! hosts = confSMTP_AUTH_RESTRICT_DISABLE_AUTH_WITHOUT_TLS_SKIP_HOSTS condition = ${if match{$smtp_command_argument}{\N(?i)^LOGIN\N}{yes}{no}} set acl_m_auth_restrict = STARTTLS required before SMTP AUTH with LOGIN mechanism warn ! encrypted = * ! hosts = confSMTP_AUTH_RESTRICT_DISABLE_AUTH_WITHOUT_TLS_SKIP_HOSTS condition = ${if match{$smtp_command_argument}{\N(?i)^PLAIN\N}{yes}{no}} set acl_m_auth_restrict = STARTTLS required before SMTP AUTH with PLAIN mechanism ') dnl ifelse_strstr(confSMTP_AUTH_RESTRICT, `DISABLE_PLAIN_AUTH_WITHOUT_TLS', `') ifelse_strstr(confSMTP_AUTH_RESTRICT, `DISABLE_AUTH_WITHOUT_TLS_SKIP', `dnl', `dnl deny condition = ${if eq{$acl_m_auth_restrict}{}{no}{yes}} message = $acl_m_auth_restrict ') dnl ifelse_strstr(confSMTP_AUTH_RESTRICT, `DISABLE_AUTH_WITHOUT_TLS_SKIP', `dnl', `dnl') ')') dnl ifdef(`confSMTP_AUTH_RESTRICT', `ifelse(`X'confSMTP_AUTH_RESTRICT, `X', `', `')') ') dnl ifelse(SECTION, `ACL_CHECK_AUTH', `') ifelse(SECTION, `ACL_CHECK_RCPT', `dnl ifdef(`confSMTP_AUTH_RESTRICT', `ifelse(`X'confSMTP_AUTH_RESTRICT, `X', `', `dnl ifelse_strstr(confSMTP_AUTH_RESTRICT, `ENFORCE_ON_SUBMIT', `define(`confSMTP_AUTH_RESTRICT', confSMTP_AUTH_RESTRICT` ENFORCE_AUTH_ON_PORT_587')')dnl ifelse_strstr(confSMTP_AUTH_RESTRICT, `ENFORCE_AUTH_ON_PORT_587', ` deny condition = ${if ={$received_port}{587}{yes}{no}} !authenticated = * message = You must authenticate first ') dnl ifelse_strstr(confSMTP_AUTH_RESTRICT, `ENFORCE_AUTH_ON_PORT_587', `') ifelse_strstr(confSMTP_AUTH_RESTRICT, `DISABLE_AUTH_WITHOUT_TLS_SKIP', ` deny condition = ${if eq{$acl_m_auth_restrict}{}{no}{yes}} condition = ${lookup{$authenticated_id}wildlsearch{CONFDIR/authplain-enabled}{no}{yes}} message = $acl_m_auth_restrict ') dnl ifelse_strstr(confSMTP_AUTH_RESTRICT, `DISABLE_AUTH_WITHOUT_TLS_SKIP', `dnl') ifelse_strstr(confSMTP_AUTH_RESTRICT, `LOGIN_MISMATCH_MAPS', `dnl deny authenticated = * condition = ${if eq{$sender_address}{}{no}{yes}} set acl_m0 = ${lookup{$sender_address}wildlsearch{CONFDIR/senders-login-maps}{$value}{}} set acl_m0 = ${if match{$acl_m0}{\N(^\$|[^\\]\$)\N}{${expand:$acl_m0}}{$acl_m0}} set acl_m0 = ${sg{${sg{$acl_m0}{\N^\s+\N}{}}}{\N\s+$\N}{}} set acl_m0 = (?i)^(${sg{$acl_m0}{\N\s*:\s*\N}{|}})\$ condition = ${if match{$authenticated_id}{$acl_m0}{no}{yes}} message = Authenticated sender login mismatch.\n\ You may disable SMTP authentication and contact postmaster@$qualify_domain log_message = Authenticated sender login mismatch (authenticated_id: $authenticated_id) ', `dnl ifelse_strstr(confSMTP_AUTH_RESTRICT, `LOGIN_MISMATCH_MAPS', `') ifelse_strstr(confSMTP_AUTH_RESTRICT, `LOGIN_MISMATCH', `dnl deny authenticated = * condition = ${if eq{$authenticated_id}{$sender_address}{no}{yes}} condition = ${if eq{$sender_address}{}{no}{yes}} condition = ${if and{\ {!match{$authenticated_id}{@}}\ {eq{$authenticated_id@$qualify_domain}{$sender_address}}\ }{no}{yes}} condition = ${if and{\ {!match{$authenticated_id}{@}}\ {match_domain{$sender_address_domain}{+local_domains}}\ {eq{$authenticated_id}{$sender_address_local_part}}\ }{no}{yes}} message = Authenticated sender login mismatch.\n\ You may disable SMTP authentication and contact postmaster@$qualify_domain log_message = Authenticated sender login mismatch (authenticated_id: $authenticated_id) ') dnl ifelse_strstr(confSMTP_AUTH_RESTRICT, `LOGIN_MISMATCH', `') ') dnl ifelse_strstr(confSMTP_AUTH_RESTRICT, `LOGIN_MISMATCH_MAPS', `') ')') dnl ifdef(`confSMTP_AUTH_RESTRICT', `ifelse(`X'confSMTP_AUTH_RESTRICT, `X', `', `')') ') dnl ifelse(SECTION, `ACL_CHECK_RCPT', `') ifelse(SECTION, `AUTHENTICATORS', `dnl ifdef(`confSMTP_AUTH_SOURCE', `dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `DOVECOT', `dnl ifdef(`confSMTP_AUTH_CRAM_MD5', `ifelse(confSMTP_AUTH_CRAM_MD5, `YES', `dnl srv_auth_dovecot_cram_md5: driver = dovecot public_name = CRAM-MD5 server_socket = confSMTP_AUTH_DOVECOT_SOCKET server_set_id = $auth1 define(`confSMTP_AUTH_CRAM_MD5', `')dnl ')') dnl ifdef(`confSMTP_AUTH_CRAM_MD5', `ifelse(confSMTP_AUTH_CRAM_MD5, `YES', `')') ifdef(`confSMTP_AUTH_DIGEST_MD5', `ifelse(confSMTP_AUTH_DIGEST_MD5, `YES', `dnl srv_auth_dovecot_digest_md5: driver = dovecot public_name = DIGEST-MD5 server_socket = confSMTP_AUTH_DOVECOT_SOCKET server_set_id = $auth1 define(`confSMTP_AUTH_DIGEST_MD5', `')dnl ')') dnl ifdef(`confSMTP_AUTH_DIGEST_MD5', `ifelse(confSMTP_AUTH_DIGEST_MD5, `YES', `')') ifdef(`confSMTP_AUTH_PLAIN', `ifelse(confSMTP_AUTH_PLAIN, `YES', `dnl srv_auth_dovecot_plain: driver = dovecot public_name = PLAIN server_socket = confSMTP_AUTH_DOVECOT_SOCKET server_set_id = $auth2 define(`confSMTP_AUTH_PLAIN', `')dnl ')') dnl ifdef(`confSMTP_AUTH_PLAIN', `ifelse(confSMTP_AUTH_PLAIN, `YES', `')') ifdef(`confSMTP_AUTH_LOGIN', `ifelse(confSMTP_AUTH_LOGIN, `YES', `dnl srv_auth_dovecot_login: driver = dovecot public_name = LOGIN server_socket = confSMTP_AUTH_DOVECOT_SOCKET server_set_id = $auth1 define(`confSMTP_AUTH_LOGIN', `')dnl ')') dnl ifdef(`confSMTP_AUTH_LOGIN', `ifelse(confSMTP_AUTH_LOGIN, `YES', `')') ifdef(`confSMTP_AUTH_NTLM', `ifelse(confSMTP_AUTH_NTLM, `YES', `dnl srv_auth_dovecot_ntlm: driver = dovecot public_name = NTLM server_socket = /var/run/dovecot/auth-client server_set_id = $auth1 define(`confSMTP_AUTH_NTLM', `')dnl ')') dnl ifdef(`confSMTP_AUTH_NTLM', `ifelse(confSMTP_AUTH_NTLM, `YES', `')') ') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `DOVECOT', `') ') dnl ifdef(`confSMTP_AUTH_SOURCE', `') ifdef(`confSMTP_AUTH_NTLM_DC', `ifelse(confSMTP_AUTH_NTLM_DC, `YES', `dnl srv_auth_ntlm_dc: driver = cyrus_sasl public_name = NTLM server_realm = confSMTP_AUTH_NTLM_DC_DOMAIN server_set_id = $auth1 ')') dnl ifdef(`confSMTP_AUTH_NTLM_DC', `ifelse(confSMTP_AUTH_NTLM_DC, `YES', `')') ifdef(`confSMTP_AUTH_NTLM', `ifelse(confSMTP_AUTH_NTLM, `YES', `dnl srv_auth_ntlm: driver = spa public_name = NTLM # server_secret = ${if eq{$auth1}{login}{password}fail} ifdef(`confSMTP_AUTH_SOURCE', `dnl dnl ifelse(confSMTP_AUTH_SOURCE, `PASSWD_PLAIN', `dnl # server_password = ${lookup{$auth1}lsearch{confSMTP_AUTH_PASSWD_PLAIN}\ # {${sg{${extract{1}{:}{$value}}}{\N^\{\S+\}\N}{}}}\ # {\ # ${lookup{$auth1@$qualify_domain}lsearch{confSMTP_AUTH_PASSWD_PLAIN}\ # {${sg{${extract{1}{:}{$value}}}{\N^\{\S+\}\N}{}}}fail}\ # }} server_password = ${lookup{$auth1}lsearch{confSMTP_AUTH_PASSWD_PLAIN}\ {${sg{${extract{1}{:}{$value}}}{\N^\{\S+\}\N}{}}}\ fail} ') dnl ifelse(confSMTP_AUTH_SOURCE, `PASSWD_PLAIN', `') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAP_PLAIN', `dnl server_password = ${lookup ldap{\ user=${quote:confSMTP_AUTH_LDAP_LOGIN} pass=${quote:confSMTP_AUTH_LDAP_PASS} ifdef(`confSMTP_AUTH_LDAP_EXTRAATTR', `ifelse(`X'confSMTP_AUTH_LDAP_EXTRAATTR, `X', `', `confSMTP_AUTH_LDAP_EXTRAATTR ')')\ ldap://confSMTP_AUTH_LDAP_HOST/confSMTP_AUTH_LDAP_BASE?dn,cn?sub?\ replace_str(confSMTP_AUTH_LDAP_FILTER, `LOGIN', `${quote_ldap_dn:$auth1}')\ }\ {${sg{${extract{confSMTP_AUTH_LDAP_PASSWD_ATTR}{$value}}}{\N^\{\S+\}\N}{}}}\ fail} ') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAP_PLAIN', `') dnl ifelse(confSMTP_AUTH_SOURCE, `MYSQL_PLAIN', `dnl server_password = ${lookup mysql{ \ ${sg{\ confSMTP_AUTH_MYSQL_PLAIN \ }{\NLOGIN\N}{${quote_mysql:$auth1}}}\ }{$value}fail} ') dnl ifelse(confSMTP_AUTH_SOURCE, `MYSQL_PLAIN', `') dnl ifelse(confSMTP_AUTH_SOURCE, `SQLITE_PLAIN', `dnl server_password = ${lookup sqlite{confSQLITE \ ${sg{\ confSMTP_AUTH_SQLITE_PLAIN \ }{\NLOGIN\N}{${quote_sqlite:$auth1}}}\ }{$value}fail} ') dnl ifelse(confSMTP_AUTH_SOURCE, `SQLITE_PLAIN', `') dnl ') dnl ifdef(`confSMTP_AUTH_SOURCE', `') server_set_id = $auth1 ')') dnl ifdef(`confSMTP_AUTH_NTLM', `ifelse(confSMTP_AUTH_NTLM, `YES', `')') ifdef(`confSMTP_AUTH_PLAIN', `ifelse(confSMTP_AUTH_PLAIN, `YES', `dnl srv_auth_plain: driver = plaintext public_name = PLAIN server_prompts = : ifdef(`confSMTP_AUTH_SOURCE', `dnl dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `PASSWD', `dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `PASSWD_PLAIN', `dnl server_condition = ${if eq{$auth3}\ {${extract{1}{:}{\ ${lookup{$auth2}lsearch{confSMTP_AUTH_PASSWD_PLAIN}{${sg{$value}{\N^\{\S+\}\N}{}}}{\ ${lookup{$auth2@$qualify_domain}lsearch{confSMTP_AUTH_PASSWD_PLAIN}{${sg{$value}{\N^\{\S+\}\N}{}}}fail}\ }}\ }}}\ {yes}{no}} ', `dnl server_condition = ${if crypteq{$auth3}\ {${extract{1}{:}{\ ${lookup{$auth2}lsearch{confSMTP_AUTH_PASSWD}{${sg{$value}{\N^\{\S+\}\N}{}}}{\ ${lookup{$auth2@$qualify_domain}lsearch{confSMTP_AUTH_PASSWD}{${sg{$value}{\N^\{\S+\}\N}{}}}fail}\ }}\ }}}\ {yes}{no}} ') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `PASSWD_PLAIN', `') ') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `PASSWD', `') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAPAUTH', `dnl server_condition = ${if ldapauth{\ user=${quote_ldap_dn:replace_str(confSMTP_AUTH_LDAPAUTH_LOGIN, `LOGIN', `$auth2')} \ pass=${quote:$auth3} \ ldap://confSMTP_AUTH_LDAPAUTH_HOST/\ }{yes}{no}} ') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAPAUTH', `') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAP_PLAIN', `dnl server_condition = ${lookup ldap{\ user=${quote_ldap_dn:confSMTP_AUTH_LDAP_LOGIN} pass=${quote:confSMTP_AUTH_LDAP_PASS} ifdef(`confSMTP_AUTH_LDAP_EXTRAATTR', `ifelse(`X'confSMTP_AUTH_LDAP_EXTRAATTR, `X', `', `confSMTP_AUTH_LDAP_EXTRAATTR ')') \ ldap://confSMTP_AUTH_LDAP_HOST/confSMTP_AUTH_LDAP_BASE?dn,cn`'ifdef(`confSMTP_AUTH_LDAP_PASSWD_ATTR', `,confSMTP_AUTH_LDAP_PASSWD_ATTR')?sub?\ replace_str(confSMTP_AUTH_LDAP_FILTER, `LOGIN', `${quote_ldap_dn:$auth2}')\ }\ {${if eq{$auth3}{${sg{${extract{confSMTP_AUTH_LDAP_PASSWD_ATTR}{$value}}}{\N^\{\S+\}\N}{}}}\ {yes}{no}}}\ {no}} ') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAP_PLAIN', `') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAP', `dnl server_condition = ${lookup ldap{\ user=${quote_ldap_dn:replace_str(confSMTP_AUTH_LDAP_LOGIN, `LOGIN', `$auth2')} pass=${quote:replace_str(confSMTP_AUTH_LDAP_PASS, `PASSWORD', `$auth3')} ifdef(`confSMTP_AUTH_LDAP_EXTRAATTR', `ifelse(`X'confSMTP_AUTH_LDAP_EXTRAATTR, `X', `', `confSMTP_AUTH_LDAP_EXTRAATTR ')')\ ldap://confSMTP_AUTH_LDAP_HOST/confSMTP_AUTH_LDAP_BASE?dn,cn`'ifdef(`confSMTP_AUTH_LDAP_PASSWD_ATTR', `,confSMTP_AUTH_LDAP_PASSWD_ATTR')?sub?\ replace_str(confSMTP_AUTH_LDAP_FILTER, `LOGIN', `${quote_ldap_dn:$auth2}')\ }ifdef(`confSMTP_AUTH_LDAP_PASSWD_ATTR', `\ {${if crypteq{$auth3}{${sg{${extract{confSMTP_AUTH_LDAP_PASSWD_ATTR}{$value}}}{\N^\{\S+\}\N}{}}}\ {yes}{no}}}', `{yes}'){no}} ') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAP', `') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `MYSQL', `dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `MYSQL_PLAIN', `dnl server_condition = ${if eq{$auth3}\ {${lookup mysql{ \ ${sg{\ confSMTP_AUTH_MYSQL_PLAIN \ }{\NLOGIN\N}{${quote_mysql:$auth2}}}\ }{${sg{$value}{\N^\{\S+\}\N}{}}}fail}}\ {yes}{no}} ', `dnl server_condition = ${if crypteq{$auth3}{\ ${lookup mysql{\ ${sg{\ confSMTP_AUTH_MYSQL\ }{\NLOGIN\N}{${quote_mysql:$auth2}}}\ }{\ ${sg{$value}{\N^\{\S+\}\N}{}}\ }{\ ${lookup mysql{ \ ${sg{\ confSMTP_AUTH_MYSQL \ }{\NLOGIN\N}{${quote_mysql:$auth2@$qualify_domain}}}\ }{\ ${sg{$value}{\N^\{\S+\}\N}{}}\ }fail}\ }}\ }{yes}{no}} ') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `MYSQL_PLAIN', `') ') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `MYSQL', `') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `SQLITE', `dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `SQLITE_PLAIN', `dnl server_condition = ${if eq{$auth3}\ {${lookup sqlite{confSQLITE \ ${sg{\ confSMTP_AUTH_SQLITE_PLAIN \ }{\NLOGIN\N}{${quote_sqlite:$auth2}}}\ }{${sg{$value}{\N^\{\S+\}\N}{}}}fail}}\ {yes}{no}} ', `dnl server_condition = ${if crypteq{$auth3}\ {${lookup sqlite{confSQLITE \ ${sg{\ confSMTP_AUTH_SQLITE \ }{\NLOGIN\N}{${quote_sqlite:$auth2}}}\ }{${sg{$value}{\N^\{\S+\}\N}{}}}fail}}\ {yes}{no}} ') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `SQLITE_PLAIN', `') ') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `SQLITE', `') dnl ifelse(confSMTP_AUTH_SOURCE, `SMTP', `dnl server_condition = ${perl{smtp_login}\ {confSMTP_AUTH_SMTP_HOST}{confSMTP_AUTH_SMTP_PORT}{$qualify_domain}{confSMTP_AUTH_SMTP_MECH}{$auth2}{$auth3}} ') dnl ifelse(confSMTP_AUTH_SOURCE, `SMTP', `') dnl ifelse(confSMTP_AUTH_SOURCE, `SMTPTLS', `dnl server_condition = ${perl{smtptls_login}\ {confSMTP_AUTH_SMTPTLS_HOST}{confSMTP_AUTH_SMTPTLS_PORT}{${if eq{confSMTP_AUTH_SMTPTLS_NOTLS}{NO}{0}{1}}}{$qualify_domain}{$auth2}{$auth3}} ') dnl ifelse(confSMTP_AUTH_SOURCE, `SMTPTLS', `') dnl ifelse(confSMTP_AUTH_SOURCE, `IMAP', `dnl server_condition = ${perl{imap_login}{confSMTP_AUTH_IMAP_HOST}{confSMTP_AUTH_IMAP_PORT}{$auth2}{$auth3}} ') dnl ifelse(confSMTP_AUTH_SOURCE, `IMAP', `') dnl ifelse(confSMTP_AUTH_SOURCE, `PAM', `dnl server_condition = ${if pam{$auth2:${sg{$auth3}{:}{::}}}{yes}{no}} ') dnl ifelse(confSMTP_AUTH_SOURCE, `PAM', `') ifelse(confSMTP_AUTH_SOURCE, `RADIUS', `dnl server_condition = ${if radius{$auth2:${sg{$auth3}{:}{::}}}{yes}{no}} ') dnl ifelse(confSMTP_AUTH_SOURCE, `RADIUS', `') dnl ifelse(confSMTP_AUTH_SOURCE, `SASLAUTHD', `dnl # server_condition = ${if saslauthd{{username}{password}{service}{realm}}{yes}{no}} server_condition = ${if saslauthd{{${local_part:$auth2}}{$auth3}{}{${domain:$auth2}}}{yes}{no}} ') dnl ifelse(confSMTP_AUTH_SOURCE, `SASLAUTHD', `') dnl ifelse(confSMTP_AUTH_SOURCE, `CUSTOM', `dnl server_condition = replace_all_substr(`replace_all_substr(`replace_all_substr(confSMTP_AUTH_CUSTOM_SERVER_CONDITION,`x24LOGIN',`x24auth2')',`LOGIN',`$auth2')',`PASSWORD',`$auth3') ') dnl ifelse(confSMTP_AUTH_SOURCE, `CUSTOM', `') dnl ') dnl ifdef(`confSMTP_AUTH_SOURCE', `') server_set_id = $auth2 ')') dnl ifdef(`confSMTP_AUTH_PLAIN', `ifelse(confSMTP_AUTH_PLAIN, `YES', `')') ifdef(`confSMTP_AUTH_LOGIN', `ifelse(confSMTP_AUTH_LOGIN, `YES', `dnl srv_auth_login: driver = plaintext public_name = LOGIN server_prompts = Username:: : Password:: ifdef(`confSMTP_AUTH_SOURCE', `dnl dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `PASSWD', `dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `PASSWD_PLAIN', `dnl server_condition = ${if eq{$auth2}\ {${extract{1}{:}{\ ${lookup{$auth1}lsearch{confSMTP_AUTH_PASSWD_PLAIN}{${sg{$value}{\N^\{\S+\}\N}{}}}{\ ${lookup{$auth1@$qualify_domain}lsearch{confSMTP_AUTH_PASSWD_PLAIN}{${sg{$value}{\N^\{\S+\}\N}{}}}fail}\ }}\ }}}\ {yes}{no}} ', `dnl server_condition = ${if crypteq{$auth2}\ {${extract{1}{:}{\ ${lookup{$auth1}lsearch{confSMTP_AUTH_PASSWD}{${sg{$value}{\N^\{\S+\}\N}{}}}{\ ${lookup{$auth1@$qualify_domain}lsearch{confSMTP_AUTH_PASSWD}{${sg{$value}{\N^\{\S+\}\N}{}}}fail}\ }}\ }}}\ {yes}{no}} ') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `PASSWD_PLAIN', `') ') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `PASSWD', `') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAPAUTH', `dnl server_condition = ${if ldapauth{\ user=${quote_ldap_dn:replace_str(confSMTP_AUTH_LDAPAUTH_LOGIN, `LOGIN', `$auth1')} \ pass=${quote:$auth2} \ ldap://confSMTP_AUTH_LDAPAUTH_HOST/\ }{yes}{no}} ') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAPAUTH', `') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAP_PLAIN', `dnl server_condition = ${lookup ldap{ \ user=${quote_ldap_dn:confSMTP_AUTH_LDAP_LOGIN} pass=${quote:confSMTP_AUTH_LDAP_PASS} ifdef(`confSMTP_AUTH_LDAP_EXTRAATTR', `ifelse(`X'confSMTP_AUTH_LDAP_EXTRAATTR, `X', `', `confSMTP_AUTH_LDAP_EXTRAATTR ')')\ ldap://confSMTP_AUTH_LDAP_HOST/confSMTP_AUTH_LDAP_BASE?dn,cn`'ifdef(`confSMTP_AUTH_LDAP_PASSWD_ATTR', `,confSMTP_AUTH_LDAP_PASSWD_ATTR')?sub?\ replace_str(confSMTP_AUTH_LDAP_FILTER, `LOGIN', `${quote_ldap_dn:$auth1}')\ }\ {${if eq{$auth2}{${sg{${extract{confSMTP_AUTH_LDAP_PASSWD_ATTR}{$value}}}{\N^\{\S+\}\N}{}}}\ {yes}{no}}}\ {no}} ') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAP_PLAIN', `') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAP', `dnl server_condition = ${lookup ldap{ \ user=${quote_ldap_dn:replace_str(confSMTP_AUTH_LDAP_LOGIN, `LOGIN', `$auth1')} pass=${quote:replace_str(confSMTP_AUTH_LDAP_PASS, `PASSWORD', `$auth2')} ifdef(`confSMTP_AUTH_LDAP_EXTRAATTR', `ifelse(`X'confSMTP_AUTH_LDAP_EXTRAATTR, `X', `', `confSMTP_AUTH_LDAP_EXTRAATTR ')')\ ldap://confSMTP_AUTH_LDAP_HOST/confSMTP_AUTH_LDAP_BASE?dn,cn`'ifdef(`confSMTP_AUTH_LDAP_PASSWD_ATTR', `,confSMTP_AUTH_LDAP_PASSWD_ATTR')?sub?\ replace_str(confSMTP_AUTH_LDAP_FILTER, `LOGIN', `${quote_ldap_dn:$auth1}')\ }ifdef(`confSMTP_AUTH_LDAP_PASSWD_ATTR', `\ {${if crypteq{$auth2}{${sg{${extract{confSMTP_AUTH_LDAP_PASSWD_ATTR}{$value}}}{\N^\{\S+\}\N}{}}}\ {yes}{no}}}', `{yes}'){no}} ') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAP', `') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `MYSQL', `dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `MYSQL_PLAIN', `dnl server_condition = ${if eq{$auth2}\ {${lookup mysql{ \ ${sg{\ confSMTP_AUTH_MYSQL_PLAIN \ }{\NLOGIN\N}{${quote_mysql:$auth1}}}\ }{${sg{$value}{\N^\{\S+\}\N}{}}}fail}}\ {yes}{no}} ', `dnl server_condition = ${if crypteq{$auth2}{\ ${lookup mysql{\ ${sg{\ confSMTP_AUTH_MYSQL \ }{\NLOGIN\N}{${quote_mysql:$auth1}}}\ }{\ ${sg{$value}{\N^\{\S+\}\N}{}}\ }{\ ${lookup mysql{\ ${sg{\ confSMTP_AUTH_MYSQL \ }{\NLOGIN\N}{${quote_mysql:$auth1@$qualify_domain}}}\ }{\ ${sg{$value}{\N^\{\S+\}\N}{}}\ }fail}\ }}\ }{yes}{no}} ') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `MYSQL_PLAIN', `') ') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `MYSQL', `') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `SQLITE', `dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `SQLITE_PLAIN', `dnl server_condition = ${if eq{$auth2}\ {${lookup sqlite{confSQLITE \ ${sg{\ confSMTP_AUTH_SQLITE_PLAIN \ }{\NLOGIN\N}{${quote_sqlite:$auth1}}}\ }{${sg{$value}{\N^\{\S+\}\N}{}}}fail}}\ {yes}{no}} ', `dnl server_condition = ${if crypteq{$auth2}\ {${lookup sqlite{confSQLITE \ ${sg{\ confSMTP_AUTH_SQLITE \ }{\NLOGIN\N}{${quote_sqlite:$auth1}}}\ }{${sg{$value}{\N^\{\S+\}\N}{}}}fail}}\ {yes}{no}} ') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `SQLITE_PLAIN', `') ') dnl ifelse_strstr(confSMTP_AUTH_SOURCE, `SQLITE', `') dnl ifelse(confSMTP_AUTH_SOURCE, `SMTP', `dnl server_condition = ${perl{smtp_login}{confSMTP_AUTH_SMTP_HOST}{confSMTP_AUTH_SMTP_PORT}{$qualify_domain}{confSMTP_AUTH_SMTP_MECH}{$auth1}{$auth2}} ') dnl ifelse(confSMTP_AUTH_SOURCE, `SMTP', `') dnl ifelse(confSMTP_AUTH_SOURCE, `SMTPTLS', `dnl server_condition = ${perl{smtptls_login}\ {confSMTP_AUTH_SMTPTLS_HOST}{confSMTP_AUTH_SMTPTLS_PORT}{${if eq{confSMTP_AUTH_SMTPTLS_NOTLS}{NO}{0}{1}}}{$qualify_domain}{$auth1}{$auth2}} ') dnl ifelse(confSMTP_AUTH_SOURCE, `SMTPTLS', `') dnl ifelse(confSMTP_AUTH_SOURCE, `IMAP', `dnl server_condition = ${perl{imap_login}{confSMTP_AUTH_IMAP_HOST}{confSMTP_AUTH_IMAP_PORT}{$auth1}{$auth2}} ') dnl ifelse(confSMTP_AUTH_SOURCE, `IMAP', `') dnl ifelse(confSMTP_AUTH_SOURCE, `PAM', `dnl server_condition = ${if pam{$auth1:${sg{$auth2}{:}{::}}}{yes}{no}} ') dnl ifelse(confSMTP_AUTH_SOURCE, `PAM', `') dnl ifelse(confSMTP_AUTH_SOURCE, `RADIUS', `dnl server_condition = ${if radius{$auth1:${sg{$auth2}{:}{::}}}{yes}{no}} ') dnl ifelse(confSMTP_AUTH_SOURCE, `RADIUS', `') dnl ifelse(confSMTP_AUTH_SOURCE, `SASLAUTHD', `dnl # server_condition = ${if saslauthd{{username}{password}{service}{realm}}{yes}{no}} server_condition = ${if saslauthd{{${local_part:$auth1}}{$auth2}{}{${domain:$auth1}}}{yes}{no}} ') dnl ifelse(confSMTP_AUTH_SOURCE, `SASLAUTHD', `') dnl ifelse(confSMTP_AUTH_SOURCE, `CUSTOM', `dnl server_condition = replace_all_substr(`replace_all_substr(`replace_all_substr(confSMTP_AUTH_CUSTOM_SERVER_CONDITION,`x24LOGIN',`x24auth1')',`LOGIN',`$auth1')',`PASSWORD',`$auth2') ') dnl ifelse(confSMTP_AUTH_SOURCE, `CUSTOM', `') dnl ') dnl ifdef(`confSMTP_AUTH_SOURCE', `') server_set_id = $auth1 ')') dnl ifdef(`confSMTP_AUTH_LOGIN', `ifelse(confSMTP_AUTH_LOGIN, `YES', `')') ifdef(`confSMTP_AUTH_CRAM_MD5', `ifelse(confSMTP_AUTH_CRAM_MD5, `YES', `dnl srv_auth_cram_md5: driver = cram_md5 public_name = CRAM-MD5 # server_secret = ${if eq{$auth1}{login}{password}fail} ifdef(`confSMTP_AUTH_SOURCE', `dnl dnl ifelse(confSMTP_AUTH_SOURCE, `PASSWD_PLAIN', `dnl server_secret = ${lookup{$auth1}lsearch{confSMTP_AUTH_PASSWD_PLAIN}\ {{${sg{${extract{1}{:}{$value}}}{\N^\{\S+\}\N}{}}}}\ {\ ${lookup{$auth1@$qualify_domain}lsearch{confSMTP_AUTH_PASSWD_PLAIN}\ {{${sg{${extract{1}{:}{$value}}}{\N^\{\S+\}\N}{}}}}fail}\ }} ') dnl ifelse(confSMTP_AUTH_SOURCE, `PASSWD_PLAIN', `') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAP_PLAIN', `dnl server_secret = ${lookup ldap{ \ user=${quote:confSMTP_AUTH_LDAP_LOGIN} pass=${quote:confSMTP_AUTH_LDAP_PASS} ifdef(`confSMTP_AUTH_LDAP_EXTRAATTR', `ifelse(`X'confSMTP_AUTH_LDAP_EXTRAATTR, `X', `', `confSMTP_AUTH_LDAP_EXTRAATTR ')')\ ldap://confSMTP_AUTH_LDAP_HOST/confSMTP_AUTH_LDAP_BASE?dn,cn?sub?\ replace_str(confSMTP_AUTH_LDAP_FILTER, `LOGIN', `${quote_ldap_dn:$auth1}')\ }\ {${sg{${extract{confSMTP_AUTH_LDAP_PASSWD_ATTR}{$value}}}{\N^\{\S+\}\N}{}}}\ fail} ') dnl ifelse(confSMTP_AUTH_SOURCE, `LDAP_PLAIN', `') dnl ifelse(confSMTP_AUTH_SOURCE, `MYSQL_PLAIN', `dnl server_secret = ${lookup mysql{ \ ${sg{\ confSMTP_AUTH_MYSQL_PLAIN \ }{\NLOGIN\N}{${quote_mysql:$auth1}}}\ }{$value}fail} ') dnl ifelse(confSMTP_AUTH_SOURCE, `MYSQL_PLAIN', `') dnl ifelse(confSMTP_AUTH_SOURCE, `SQLITE_PLAIN', `dnl server_secret = ${lookup sqlite{confSQLITE \ ${sg{\ confSMTP_AUTH_SQLITE_PLAIN \ }{\NLOGIN\N}{${quote_sqlite:$auth1}}}\ }{$value}fail} ') dnl ifelse(confSMTP_AUTH_SOURCE, `SQLITE_PLAIN', `') dnl ') dnl ifdef(`confSMTP_AUTH_SOURCE', `') server_set_id = $auth1 ')') dnl ifdef(`confSMTP_AUTH_CRAM_MD5', `ifelse(confSMTP_AUTH_CRAM_MD5, `YES', `')') ifdef(`confSMTP_AUTH_GSSAPI', `ifelse(confSMTP_AUTH_GSSAPI, `YES', `dnl srv_auth_gssapi: driver = heimdal_gssapi public_name = GSSAPI ifdef(`confSMTP_AUTH_GSSAPI_SERVER_SERVICE', `ifelse(`X'confSMTP_AUTH_GSSAPI_SERVER_SERVICE, `X', `', `dnl server_service = confSMTP_AUTH_GSSAPI_SERVER_SERVICE ')') dnl ifdef(`confSMTP_AUTH_GSSAPI_SERVER_HOSTNAME', `ifelse(`X'confSMTP_AUTH_GSSAPI_SERVER_HOSTNAME, `X', `', `dnl server_hostname = confSMTP_AUTH_GSSAPI_SERVER_HOSTNAME ')') dnl ifdef(`confSMTP_AUTH_GSSAPI_SERVER_KEYTAB', `ifelse(`X'confSMTP_AUTH_GSSAPI_SERVER_KEYTAB, `X', `', `dnl server_keytab = confSMTP_AUTH_GSSAPI_SERVER_KEYTAB ')') dnl server_set_id = $auth1 ')') dnl ifdef(`confSMTP_AUTH_GSSAPI', `ifelse(confSMTP_AUTH_GSSAPI, `YES', `')') ') dnl ifelse(SECTION, `AUTHENTICATORS', `')