[exim-dev] [Bug 1469] Bruteforce logentry does show base64 u…

Top Page
Delete this message
Reply to this message
Author: Jeremy Harris
Date:  
To: exim-dev
Subject: [exim-dev] [Bug 1469] Bruteforce logentry does show base64 username
------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=1469




--- Comment #3 from Jeremy Harris <jgh146exb@???> 2014-04-18 10:34:19 ---
Aha. The logging for the "drop" action has inserted the complete smtp command
being rejected; it doesn't even care it was an AUTH, much less decode the
content.

If you want the decoded name for a LOGIN method of AUTH logged, you'll have to
do this explicitly in the authenticator. Assuming 4.82 the simplest way would
be a logging-only acl called via an acl expansion item from the fail side of
the LOGIN authenticator server_condition. However, the authenticators are run
*after* acl_check_auth - so to enable what you want you will need to move the
once-per-message counting into (duplicated) the authenticators.

With exim 4.80.1 custom logging was harder. It can be done by calling into the
internal logging routines via a perl expansion
${perl{Exim::log_write}{log-this-string}}


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email