Re: [Exim] SMTP_AUTH passwords in mainlog

Top Page
Delete this message
Reply to this message
Author: Todd Jagger
Date:  
To: exim-users
Subject: Re: [Exim] SMTP_AUTH passwords in mainlog
Thanks for your reply.


Suresh Ramasubramanian wrote:
>
>
> er no - the log typically logs the *username* in cleartext
>
> where are you seeing the password logged in cleartext?


Here's a snippet from the logs with the names changed to protect the
innocent:

2003-03-07 17:28:20 18rQK9-0007RC-00 <= joe@??? H=dialup.blow.com
[24.224.244.249] P=asmtp A=login:PazzWd S=48381
id=5.2.0.9.2.20030307173740.0327cf20@???

Where "PazzWd" is the actual password for the user.

>
> post your authenticator settings please.
>



Here are my authenticators. I admit I copied and pasted these either
from one of the configuration samples or from something here on this
list that was said to work, with minor mod for this implementation. The
"auth_users" file is parts of the /etc/shadow file for the users who
need to relay. Hence my apprehension over seeing their passwords
decrypted in the exim logs. :-)

(this is probably going to wrap funky)

plain:
driver = plaintext
public_name = PLAIN
server_condition = "${if and \
{{!eq{$2}{}}{!eq{$3}{}}{crypteq{$3}{${extract{1}{:}{${lookup{$2} \
lsearch{/var/exim/auth_users}{$value}{*:*}}}}}}}{1}{0}}"
server_set_id = $1

login:
driver = plaintext
public_name = LOGIN
server_prompts = "Username:: : Password::"
server_condition = "${if and \
{{!eq{$1}{}}{!eq{$2}{}}{crypteq{$2}{${extract{1}{:}{${lookup{$1} \
lsearch{/var/exim/auth_users}{$value}{*:*}}}}}}}{1}{0}}"
server_set_id = $2


Thanks again!
Todd