Re: [exim] How to debug an encrypted smtp auth connection?

Top Page
Delete this message
Reply to this message
Author: Jeremy Harris
Date:  
To: exim-users
New-Topics: [exim] Debian9/exim4.89 does TLS and SMTP AUTH with gmail, but Debian10/exim4.92 doesn't?
Subject: Re: [exim] How to debug an encrypted smtp auth connection?
On 11/09/2020 03:02, Marc MERLIN via Exim-users wrote:
> If I run exim -d+all my-email@??? , I'd like to see the entire
> SMTP connection decrypted.
> However, it is not shown.


The authentication info is such an obvious security hole
that the data is deliberately overwritten, in the client,
with the asterisks you see.

The server can log it, with a few acrobatics. I do:

plain:
    driver =            plaintext
    public_name =       PLAIN


    server_advertise_condition = ${if def:tls_cipher}
    server_prompts =    :
    server_condition =  ${acl {auth_check} {$auth2}{$auth3}}
    server_set_id =     ${if def:auth2 {${lc:$auth2}} {<empty>}}


You do realise that this data is encoded (*not* encrypted) I hope.
Human eyes still won't like it without further processing.
--
Cheers,
Jeremy