Fine! So I'm going to wait patiently for one of the next releases oft
that excellent software called exim.
thanks, Felix
-------------------------
Felix
Philip Hazel wrote:
PH> On Thu, 2 Mar 2006, Felix Brack wrote:
>> Perhaps the answer to my question is: "There is no option that makes exim
>> log usernames or passwords due to security reasons"?
PH> It's the start of the day, and I am now awake. :-) When I wrote
>> PH> That debug looks odd. It should show the entire SMTP dialogue,
PH> I wasn't really thinking it through. What I should have said was that
PH> the debug should show the entire SMTP dialogue *at the top level*. It
PH> doesn't show exchanges that happen inside the authenticator code. I
PH> think that is probably a mistake, the result of an oversight when the
PH> authenticators were first implemented. That's quite a long time ago now,
PH> and I'm surprised nobody noticed it before. I will treat it as a bug,
PH> and fix it.
PH> I don't think there is a security issue, because only an Exim admin user
PH> can start an Exim daemon, and in any case, only an Exim admin user can
PH> set a sufficiently high debug level.
PH> --
PH> Philip Hazel University of Cambridge Computing Service
PH> Get the Exim 4 book: http://www.uit.co.uk/exim-book
