-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 NotDashEscaped: You need GnuPG to verify this message
Am Di den 14. Feb 2012 um 22:22 schrieb Ralph Ballier: > I found this lines in mainlog: > > 2012-02-13 16:25:53 1Rwxmr-0003tG-09 <= [email protected] H=(User) > [4.79.231.188] P=esmtpa A=login S=1695 > 2012-02-13 16:25:54 1Rwxmr-0003tG-09 => [email protected] R=dnslookup > T=remote_smtp H=gmail-smtp-in.l.google.com [173.194.65.27] > 2012-02-13 16:25:54 1Rwxmr-0003tG-09 Completed There is two thinks I wonder about. 1. You have esmtpa instead of esmtpsa that means that the password of the authentication is send unencrypted! So everybody on the line can read it. 2. After A=login there should be the authenticated user. As it is not shown I presume that you have a but in the authentication part that lets users login without a user name. Regards Klaus Ps. And 3. you post TOFU, but that's another story. -- Klaus Ethgen http://www.ethgen.ch/ pub 4096R/4E20AF1C 2011-05-16 Klaus Ethgen <[email protected]> Fingerprint: 85D4 CA42 952C 949B 1753 62B3 79D0 B06F 4E20 AF1C -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQGcBAEBCgAGBQJPOtZ6AAoJEKZ8CrGAGfasIm0MAKJD9QYhbKFX2k1mj1PAg0mV 54zl6dxXO0CCqU5ixmKM13nKIdvQiKbGGEbtII3TNDoXvAV6EctnS+7z0Yz7teSO /0rz1U87TQXjdkiU59lz58BInzD9z32tyaH23YuEwJHn0VbggGXr2KN0RRkRWGK9 ubQFhlGvDRN9fdXBTXk1vcxJpOE1l/qkA0bImpgkGN93JgvoWD44H1uaOgNZ/dnF TmFwl5NiNo6EsAAd+qRnI6ubI0ANZ6plbt+GojEe+C3dpS1ZrSF5oqlUVRU2um8N t5V8Pl8ZNKjWf3K7wtVNdqa9xgLUfTthzyvwcDebPJSKYS3zlFkaYyRY47+BiF2X LZs05qCdUKG23Wize3vUHOYXk8ksZlPIlnnGOocCsmGsY3DE0knt8kaYdxT1erGy sOaECFofX5zGi4vb/ulElzieMPlaXuMp9gdnEXmC06o0DEOKMbgYy4Zh7Irt/7Uo aEjlEa66pJSL2DQ4zajFEXQUo58W6gyNQ/GU4pNqRg== =RCSN -----END PGP SIGNATURE----- -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
