Hello!
Exim 4.34 . There is a router in configure:
---------------------------------------------------------------------
SOME_LDAP_LOOKUP = ${ lookup ldap { user="<username>" pass=<pass> ldap:///<lookup text>}}
my_aliases:
driver = redirect
allow_fail = false
allow_defer = false
allow_filter = false
allow_freeze = false
forbid_blackhole = true
forbid_file = true
hide data = SOME_LDAP_LOOKUP
---------------------------------------------------------------------
Exim generates bounce message to sender:
---------------------------------------------------------------------
Delay reason: failed to expand "${ lookup ldap { user="<username>" pass=<pass> ldap:///<lookup text>}} ": lookup of "user="<username>" pass=<pass> ldap:///<lookup text>" gave DEFER: failed to bind the LDAP connection to server <IP>:<Port> - LDAP error 81: Can't contact LDAP server
---------------------------------------------------------------------
So, anyone can get username and password to LDAP server.
It there a way not to send hidden data in bounce messages?
Bye. Alex.
--
