tags 527964 -patch severity 527964 wishlist thanks Hi,
On sneon 9 Maaie 2009, CJ Fearnley wrote: > If a user of squirrelmail sends spam, for example, or, in general, > if the admin needs to find out who the sender of a particular e-mail > logged by the MTA is, then the current version provides insufficient > data (etch did better but was suboptimal as well). The "SquirrelMail > authenticated user" is included in the Received header. However, most > MTAs do not log the Received header. So a squirrelmail admin will > have no means to determine which of their users sent an e-mail that > is registered in the local exim, postfix, sendmail logs. Therefore, > I submit that it is essential that squirrelmail log the authenticated > user in the Message-ID as well since most MTAs do log the Message-ID. Thanks for your message. I agree that logging can be important but it's quite dependent on the environment what and how things should be logged. In many situations the Received header information is satisfactory. There are other avenues for other requirements: install one of the logger plugins that are available, or use authenticated SMTP. There are plans to integrate logging more closely in SquirrelMail, but given e.g. the plugins that are available I do not see it as a bug but merely as a feature request. The patch you supplied may work indeed, but it not acceptable upstream. We've tried to get such information out of the message ID, because some sites explicitly *don't* want username info leaked in that ID. cheers, Thijs
signature.asc
Description: This is a digitally signed message part.
