-. $Cambridge: exim/doc/doc-docbook/spec.xfpt,v 1.54 2009/10/13 08:46:06 tom Exp $
+. $Cambridge: exim/doc/doc-docbook/spec.xfpt,v 1.57 2009/10/16 08:49:47 tom Exp $
.
. /////////////////////////////////////////////////////////////////////////////
. This is the primary source of the Exim Manual. It is an xfpt document that is
.cindex "options" "router &-- extracting"
.cindex "options" "transport &-- extracting"
+.cindex "options" "authenticator &-- extracting"
If one of the words &%router%&, &%transport%&, or &%authenticator%& is given,
followed by the name of an appropriate driver instance, the option settings for
that driver are output. For example:
settings can be obtained by using &%routers%&, &%transports%&, or
&%authenticators%&.
+.cindex "options" "macro &-- extracting"
+If invoked by an admin user, then &%macro%&, &%macro_list%& and &%macros%&
+are available, similarly to the drivers. Because macros are sometimes used
+for storing passwords, this option is restricted.
+The output format is one item per line.
.vitem &%-bp%&
.oindex "&%-bp%&"
To make the authenticators work, you can use a string expansion
expression like one of the examples in &<<CHAPplaintext>>&.
+Beware that the sequence of the parameters to PLAIN and LOGIN differ; the
+usercode and password are in different positions. &<<CHAPplaintext>>&
+covers both.
+
.ecindex IIDconfiwal
As a special case, the numerical value of an empty string is taken as
zero.
+.vitem &*bool&~{*&<&'string'&>&*}*&
+.cindex "expansion" "boolean parsing"
+.cindex "&%bool%& expansion condition"
+This condition turns a string holding a true or false representation into
+a boolean state. It parses &"true"&, &"false"&, &"yes"& and &"no"&
+(case-insensitively); also positive integer numbers map to true if non-zero,
+false if zero. Leading whitespace is ignored.
+All other string values will result in expansion failure.
+
+When combined with ACL variables, this expansion condition will let you
+make decisions in one place and act on those decisions in another place.
+For example,
+.code
+${if bool{$acl_m_privileged_sender} ...
+.endd
+
.vitem &*crypteq&~{*&<&'string1'&>&*}{*&<&'string2'&>&*}*&
.cindex "expansion" "encrypted comparison"
.cindex "encrypted strings, comparing"
.code
server_condition = ${if pwcheck{$auth1:$auth2}}
.endd
+Again, for a PLAIN authenticator configuration, this would be:
+.code
+server_condition = ${if pwcheck{$auth2:$auth3}}
+.endd
.vitem &*queue_running*&
.cindex "queue runner" "detecting when delivering from"
.cindex "expansion" "queue runner test"
sasl_plain:
driver = cyrus_sasl
public_name = PLAIN
- server_set_id = $auth1
+ server_set_id = $auth2
.endd
Cyrus SASL does implement the LOGIN authentication method, even though it is
not a standard method. It is disabled by default in the source distribution,
driver = dovecot
public_name = PLAIN
server_socket = /var/run/dovecot/auth-client
- server_set_id = $auth1
+ server_set_id = $auth2
dovecot_ntlm:
driver = dovecot