On Wed, 10 Jul 2002 [EMAIL PROTECTED] wrote:
> > > Okay... this scares me. I enabled POP3 logging and started checking it and > decided in a big hurry that I didn't like the log output as it gives me one > more thing to make sure outside users (crackers) can't get hold of. Assuming > I don't have any unusual settings involved in creating my log file, I have > to ask if this is correct output: > > "ns1.domain.tld" "domain.tld" "10.0.0.10" "2002-07-10 17:04:51" > "user" "password" > > The above is what I get where ns1.domain.tld is my actual name server, > domain.tld is my actual domain name w/ extension, 10.0.0.10 is the IP > address from which the account was checked, the date/time is as I found it, > user is the actual username and password the actual password. I can see some > uses for such a log file, but is it possible without much trouble to encrypt > the password or eliminate it completely from this file? It seems the > potential issues that could come of this would outweigh the benefits. (The > only real benefit I see to being able to check the logs to see what > user/pass were used are to correct users who are mistakenly using an > incorrect password...) set the permissions for the MAIL_ROOT correctly and you're set - Davide - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
