Re: [Exim] SMTP AUTH obsurification?

Top Page
Delete this message
Reply to this message
Author: Dave C.
Date:  
To: Tamas TEVESZ
CC: exim-users
Subject: Re: [Exim] SMTP AUTH obsurification?
On Thu, 8 Aug 2002, Tamas TEVESZ wrote:

> On Wed, 7 Aug 2002, Dave C. wrote:
>
> > I seem to remember once someone posting a way of recording the ID that
> > was used for an SMTP AUTH session in the headers of a message, but
> > hashing it in some way that hid the data from immediate view, but which
> > the admin could decode using a secret key.
> >
> > I've search around, but am unable to find anything on this.
> >
> > Anyone here know where I can find this info?
>
> right below this line: [;))]
>
> ASMTP_HEADER_SECRET = pangalaktikgargleblaster
>
> received_header_text = "Received: \
>     [...]
>     ${if def:authenticated_id { (authenticated sender: ${md5:${authenticated_id}${message_id}ASMTP_HEADER_SECRET})}}\
>     [...]

>
> or you can put it in an X- header or something.



Ok, then how do I decode that? AFAIK, md5 is a one-way hash.