Re: [Exim] SMTP_AUTH passwords in mainlog

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Suresh Ramasubramanian
Date:  
À: Todd Jagger, exim-users
Sujet: Re: [Exim] SMTP_AUTH passwords in mainlog
At 08:41 PM 3/7/2003 -0600, Todd Jagger wrote:
>I've just recently implemented SMTP_AUTH on a client's mail server (Exim
>4.12). Right now we just have Plain and Login set up. I notice that the
>password for each auth sending session is written in plain text to the
>exim_mainlog in a "A=login:<password in clear text>" entry. Is there
>any way to keep it from logging that specific part of the session while
>keeping the information level the same for general logging?


er no - the log typically logs the *username* in cleartext

where are you seeing the password logged in cleartext?

post your authenticator settings please.

         suresh