Re: [Exim] [ Exim 3.36 ] SMTP AUTH hacked ?

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Oliver Fleischmann
Date:  
À: exim-users
Sujet: Re: [Exim] [ Exim 3.36 ] SMTP AUTH hacked ?
On Tue, 4 Mar 2003, Philip Hazel wrote:

> On Tue, 4 Mar 2003, Nico Erfurth wrote:
>
> > > fixed_login:
> > >        driver = plaintext
> > >        public_name = LOGIN
> > >        server_condition = "${if eq
> > > {${lookup{$1}lsearch{/usr/local/exim/etc/trusted_users}{$value}}} {$2} {yes}
> > > {no}}"
> > >        server_set_id = $1
> > >        server_prompts = "Username:: : Password::"

> >
> > in general you should verify that you lookup SOME password, I used
> >
> > server_condition = "${if eq\
> > {${lookup{$1}lsearch{/usr/local/exim/etc/trusted_users}{$value}fail}}\
> > {$2} {yes}{no}}"
> >
> > to make sure that the expansion fails if the lookup wasn't successful.
>
> I agree with Nico; that lookup of yours will end up as an empty string
> if the lookup fails. So all the spammers have to do is supply an empty
> string as a password for a non-existant user. At least, that's what
> appears to be the case.


Is the example in the Exim book (on page 365) save?

server_condition = ${if crypteq{$3}\
{${extract{1}{:}{${lookup{$2}lsearch{/etc/passwd}{$value}}}}\
}{yes}{no}}

We use that to authenticate against our shadow file.


Thanks,
Oliver