Philip Hazel wrote:
> On Wed, 1 Mar 2006, Tony Finch wrote:
>>I have ${if def:sender_host_authenticated \
>> {($sender_host_authenticated:$authenticated_id) } }\
> Thinking some more about this as a possible change to the default, I
> have decided that I do not like it, because it may start exposing values
> of $authenticated_id to the world that people do not want to be exposed.
FWIW, I must concur with you on that. Whilst Tony's construction is
useful if an organisation wants to include that information, personally
I would rather not needlessly enumerate user logins. The information is
stored in Exim's logs, so if there is a report of abuse then it's easy
to trace. There's no need for a third party to know which internal
username was used to authenticate with Exim.
Tim
