[exim] Obfuscating $authresults

Pàgina inicial
Delete this message
Reply to this message
Autor: Richard James Salts
Data:  
A: exim-users
Assumpte: [exim] Obfuscating $authresults
Hi all,

I'm looking at the resulting Authentication-Results: header from an
$authresults expansion when using smtp auth and it's giving auth=pass (METHOD)
smtp.auth=user, or in the case of local submission local=pass (non-smtp,
$primaryhostnam) u=user. I was wondering if it would be possible to obfuscate
the user component (e.g. encrypted with HMAC or something like that) so that
you weren't disclosing them to the recipients of your emails. It's using the
$authenticated_id expansion from what I understand. Is there a way to alter
this? Would it be in the server_set_id on the authenticator?

e.g. server_set_id = ${hmac{sha1}{ninjas}{$auth2}}

An hmac doesn't seem like the best tool for this job as you'd have to reverse
it by comparing with your whole user database, surely some kind of encrypted
value would be better with either a symmetric or public key cipher. Would the
only way to achieve this be perl or readsocket?