On Wed, 7 Aug 2002, Dave C. wrote:
> I seem to remember once someone posting a way of recording the ID that
> was used for an SMTP AUTH session in the headers of a message, but
> hashing it in some way that hid the data from immediate view, but which
> the admin could decode using a secret key.
>
> I've search around, but am unable to find anything on this.
>
> Anyone here know where I can find this info?
right below this line: [;))]
ASMTP_HEADER_SECRET = pangalaktikgargleblaster
received_header_text = "Received: \
[...]
${if def:authenticated_id { (authenticated sender: ${md5:${authenticated_id}${message_id}ASMTP_HEADER_SECRET})}}\
[...]
or you can put it in an X- header or something.
--
[-]
