On Fri, 12 Aug 2016 09:32:14 -0400, David Levine said:
But I'd rather see this:
(tls-decrypted) <= 334 Username:
(tls-encrypted) => user(_at_)example(_dot_)com
(tls-decrypted) <= 334 Password:
(tls-encrypted) => my_password
The knee-jerk response is that it's a security issue. A few second's thought shows that it's not revealing anything that the person/software issuing a 'post -snoop' doesn't already have access to. Probably not a bad idea, as it drastically reduces the time to debug a Homer Simpson "D'Oh!" moment when you finally realize it's sending an incorrect user/password pair (been there, done that, when we migrated our mailstore from a local solution to Google Mail... :)
pgpGHTiyENSPG.pgp
Description: PGP signature
_______________________________________________ Nmh-workers mailing list Nmh-workers(_at_)nongnu(_dot_)org https://lists.nongnu.org/mailman/listinfo/nmh-workers