[Exim] AUTH + SQL: Thoughts

Pàgina inicial
Delete this message
Reply to this message
Autor: Johannes Posel
Data:  
A: exim-users
Assumpte: [Exim] AUTH + SQL: Thoughts

don't worry, I'm not going to bug you with any additional questions
to the topic ;) I just wanted to sum up with what now works fine, and
share a few last thoughts towards it.

The task was to enable SMTP AUTH on Exim v3.36 using a MySQL database.
The authenticators used are appended below[1].

Oh, yes, there's something not to forget: You must include a "NULL"
username with a bogus password in your SQL database, else anyone can
relay through your server by simply sending empty username and
password (for example by using AUTH LOGIN and then just pressing enter
when the server prompts you).

I hope this helps anyone facing the same troubles I had at the
beginning :)

Best regards,
 Johannes                          mailto:jmp@its-toasted.org


[1]

login:
driver=plaintext
public_name=LOGIN
server_condition = ${if eq{$2} {${lookup mysql{SELECT password FROM
accounts WHERE username='${local_part:$1}'}}}{1}{0}}
server_prompts="Username:: : Password::"
server_set_id=$1

login:
driver=plaintext
public_name= PLAIN
server_condition = ${if eq{$2} {${lookup mysql{SELECT password FROM
accounts WHERE username='${local_part:$1}'}}}{1}{0}}
server_prompts= "Login::"
server_set_id=$1

cram:
        driver = cram_md5
        public_name = CRAM-MD5
        server_secret = ${lookup mysql{select password from accounts \
           where username = '${quote_mysql:$1}'}}
        server_set_id = $1