Re: [Exim] X-Authenticated-Sender i SMTP Auth

Top Page
Delete this message
Reply to this message
Author: Tamas TEVESZ
Date:  
To: Sebastian Sawicki
CC: exim-users
Subject: Re: [Exim] X-Authenticated-Sender i SMTP Auth
On Fri, 7 Jun 2002, Sebastian Sawicki wrote:

> headers_add = "X-Authenticated-Sender: ${authenticated_sender}\n \


s/sender/id/


btw, i'd scramble it if i were you. i'm doing it like:

${if def:authenticated_id { (authenticated sender:
${md5:${authenticated_id}${message_id}ASMTP_HEADER_SECRET})}}\

(line wrapped, it's one line really, and it's a received_headers_text
entry, so modify accordingly). ASMTP_HEADER_SECRET is a macro with
some random foobar in it.

that makes you find any sender easily (as the "key space" is finite
and unlikely to be very big, unless you have several trilliongazillion
users :), but makes for any outsider hard to attack on your usernames.




--
[-]