Author: Jeremy Harris
Date:
To: exim-users
Subject: Re: [exim] auth disclosure on auth rejects in logfiles

On 25/01/2021 10:36, Cyborg via Exim-users wrote:
> 2021-01-25 10:15:47 H=<HOSTNAME> (EHLO STRING) [IP ADDRESS] X=TLS1.3:TLS_AES_128_GCM_SHA256:128 CV=no rejected AUTH PLAIN BASE64STRING : authentication is allowed only once per message in order to slow down bruteforce cracking
>
> This config part:
>
> acl_check_auth:
> drop message = authentication is allowed only once per message in order \
> to slow down bruteforce cracking
>
> I don't see a good reason to print that info into the log, as in the case I found, the mail client just made a mistake and it was not an attacker.
We do avoid logging the equivalent on outgoing... I guess that case was more obviously
"our" sensitive info. I agree this could do with attention.
--
Cheers,
Jeremy
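The disclosure being discussed is that the base64 argument of `AUTH PLAIN` carries the client's credentials (RFC 4616 packs authorization id, authentication id and password separated by NUL bytes), so a rejection line that echoes it puts the password in the log. The following added example, which is not part of this thread or of Exim itself, shows both sides: decoding such an argument to demonstrate what it contains, and a redaction pass a log-forwarding pipeline could apply to Exim reject lines of the shape quoted above before they leave the host. The sample log line and credentials are constructed for illustration.

```python
import base64
import re

# Matches the rejection shape quoted in the thread:
#   "... rejected AUTH PLAIN <base64> : <acl message>"
# Group 2 is the credential blob that must not reach the log.
AUTH_RE = re.compile(r"(rejected AUTH (?:PLAIN|LOGIN) )(\S+)( :)")

# Constructed sample credentials and log line (not real data).
SAMPLE_BLOB = base64.b64encode(b"\0alice\0hunter2").decode("ascii")
SAMPLE_LINE = (
    "2021-01-25 10:15:47 H=client.example (client) [192.0.2.10] "
    "X=TLS1.3:TLS_AES_128_GCM_SHA256:128 CV=no rejected AUTH PLAIN "
    + SAMPLE_BLOB
    + " : authentication is allowed only once per message in order "
    "to slow down bruteforce cracking"
)


def decode_plain(blob):
    """Decode a SASL PLAIN initial response (RFC 4616).

    Returns (authzid, authcid, password). Used here only to show why the
    blob is sensitive: the password is recoverable by anyone reading the log.
    """
    raw = base64.b64decode(blob, validate=True)
    parts = raw.split(b"\0")
    if len(parts) != 3:
        raise ValueError("not a SASL PLAIN message")
    return tuple(p.decode("utf-8", "replace") for p in parts)


def redact_auth_line(line):
    """Replace the AUTH argument in an Exim 'rejected AUTH' line with a marker.

    Lines without an AUTH rejection are returned unchanged, so this is safe
    to run over a whole mainlog/rejectlog stream.
    """
    return AUTH_RE.sub(r"\1<redacted>\3", line)


def scrub_log(lines):
    """Apply the redaction to an iterable of log lines."""
    return [redact_auth_line(line) for line in lines]


if __name__ == "__main__":
    print("decoded:", decode_plain(SAMPLE_BLOB))
    print("redacted:", redact_auth_line(SAMPLE_LINE))
```

The redaction keeps the rest of the line, including the ACL `message` text and the host/TLS fields, so the rejection is still visible to the operator; only the credential blob is replaced. Note that this is a mitigation at the log-shipping layer; the thread's point is that Exim itself should not be writing the argument in the first place.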