------- You are receiving this mail because: -------
You are on the CC list for the bug.
http://bugs.exim.org/show_bug.cgi?id=1021
Summary: Storing private data during server authentication
Product: Exim
Version: N/A
Platform: All
OS/Version: All
Status: NEW
Severity: wishlist
Priority: medium
Component: ACLs
AssignedTo: nigel@???
ReportedBy: exim-users@???
CC: exim-dev@???
In a server authenticator you can currently do:
server_set_id = SOMETHING
"SOMETHING" is then placed in the logs, the received header, and is accessible
as $authenticated_id
I would like to be able to set another more private variable from the
authenticators and access that from the ACLs also. Eg:
server_set_data = SOMETHING
Which would fill $authenticated_data
This would allow me to store the provided password (in PLAIN and LOGIN)
authenticators.
I want to be able to do this in order to fulfill a "you must not send your
password via email" policy. If this feature existed, I would be able to scan
for $authenticated_data in each text mime part and freeze/reject the email if
it exists.
I'm sure there must be other use cases where you want to store data during the
authentication but not have that mentioned in the logs and received headers.
--
Configure bugmail:
http://bugs.exim.org/userprefs.cgi?tab=email
