Log in

No account? Create an account


Client SMTP Authorization

« previous entry | next entry »
7th Mar 2005 | 22:36

So while the rest of the team are having a knees-up at the 62nd IETF in Minneapolis, I'm quietly implementing CSA for Exim. There's about 450 lines of reasonably straightforward new code to do this. You can now say something like the following in an ACL to reject any hosts which are not authorized.
      require verify = csa

In addition to that, the dnsdb lookup type will also handle CSA records. A straight SRV lookup isn't enough because CSA also involves a search for a site policy record. The dnsdb CSA lookup also does some extra checking and pretty-prints the contents of the CSA record for extra friendliness.

There are a few more details to the implementation which I will be writing down tomorrow when I get stuck into the documentation. That will be after the code has been tested (as opposed to just compiled).

| Leave a comment |

Comments {2}


from: korenwolf
date: 8th Mar 2005 11:22 (UTC)

Ohh... when's this likely to hit a released version?

Reply | Thread

Tony Finch

from: fanf
date: 8th Mar 2005 11:28 (UTC)

I'll post a patch on the -dev list (and a few other places) when it's done, which should be tomorrow. I decided overnight that some parts of the implementation can be improved (er, by going back to an earlier draft of the code), and of course testing and documentation is SUCH FUN.

Reply | Parent | Thread