>>> (-) Server Settings >> ... >>> Header Encryption Key >> >> Encryption key allows to hide SquirrelMail Received: headers >> in outbound messages. Interface uses encryption key to encode >> username, remote address and proxied address, then stores encoded >> information in X-Squirrel-* headers. >> >> Warning: used encryption function is not bulletproof. When used >> with static encryption keys, it provides only minimal security >> measures and information can be decoded quickly. >> >> Encoded information can be decoded with decrypt_headers.php script >> from SquirrelMail contrib/ directory. > > Sorry, that is greek to me. ;) What is it that you suggest that I enter > there, and will it help this situation?
Any password string will work. if encryption string is not set, SquirrelMail adds --- Received: from xxx.xxx.xxx.xxx (SquirrelMail authenticated user some-username) by webserver-address with HTTP; --- If encryption string is set, SquirrelMail adds --- X-Squirrel-UserHash: FRwJBxQoFRwUCQsBEl0IEg== X-Squirrel-FromHash: VEtTUFZQUEE= --- or something similar. First header looks like standard email header and can be parsed by email scanners. Second header is custom. Why should scanners care about it. -- Tomas ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 -- squirrelmail-users mailing list Posting Guidelines: http://www.squirrelmail.org/wiki/MailingListPostingGuidelines List Address: [email protected] List Archives: http://news.gmane.org/thread.php?group=gmane.mail.squirrelmail.user List Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=2995 List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
