If a connection is authenticated with
RFC2554 AUTH, and if an encryption layer is used, a keylength will be
associated with the encryption used. This
${auth_ssf} macro is assigned that length, which
is an integer representation of the number of bits used. This is the
actual keylength.
This ${auth_ssf} macro is used in two places in
the default sendmail.cf file. It is used by a
common subroutine called from the tls_rcpt (Section 10.10.8.3), tls_client (Section 10.10.8.2), and tls_server (Section 10.10.8.2) rule sets. It is also used as part of the
default Received: header:
HReceived: $?sfrom $s $.$?_($?s$|from $.$_)
$.$?{auth_type}(authenticated$?{auth_ssf} bits=${auth_ssf}$.)
$.by $j ($v/$Z)$?r with $r$. id $i$?{tls_version}
(version=${tls_version} cipher=${cipher} bits=${cipher_bits}
verify=${verify})$.$?u
for $u; $|;
$.$b
The ${auth_ssf} macro is useful for adding your
own rules to policy rule sets. Note that a $&
prefix is necessary when you reference this macro in rules (that is,
use $&{auth_ssf}, not
${auth_ssf}).
${auth_ssf} is transient. If defined in the
configuration file or in the command line, that definition can be
ignored by sendmail.
