[exim-dev] [Bug 1021] New: Storing private data during serve…

Top Pagina
Delete this message
Reply to this message
Auteur: Mike Cardwell
Datum:  
Aan: exim-dev
Onderwerp: [exim-dev] [Bug 1021] New: Storing private data during server authentication
------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=1021
           Summary: Storing private data during server authentication
           Product: Exim
           Version: N/A
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: wishlist
          Priority: medium
         Component: ACLs
        AssignedTo: nigel@???
        ReportedBy: exim-users@???
                CC: exim-dev@???



In a server authenticator you can currently do:

server_set_id = SOMETHING

"SOMETHING" is then placed in the logs, the received header, and is accessible
as $authenticated_id

I would like to be able to set another more private variable from the
authenticators and access that from the ACLs also. Eg:

server_set_data = SOMETHING

Which would fill $authenticated_data

This would allow me to store the provided password (in PLAIN and LOGIN)
authenticators.

I want to be able to do this in order to fulfill a "you must not send your
password via email" policy. If this feature existed, I would be able to scan
for $authenticated_data in each text mime part and freeze/reject the email if
it exists.

I'm sure there must be other use cases where you want to store data during the
authentication but not have that mentioned in the logs and received headers.


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email