I was just looking at some bounced mail headers and realized the username was listed in the "X-Authenticated-Id" header. Is that header necessary? Can I modify how it displays the sending user? Maybe md5 the username, so I could figure out who it was (if somebody was sending out spam, etc), but not have usernames displayed in plain text.