Re: [Exim] SMTP AUTH (from MySQL) problem

Top Page
Delete this message
Reply to this message
Author: William Thompson
Date:  
To: exim-users
Subject: Re: [Exim] SMTP AUTH (from MySQL) problem
> Ok, another issue just crept up on me.
>
> I'm doing the following for SMTP AUTH:
>
> MYSQL_AUTH_LOGIN = SELECT if(count(*), "1", "0") \
>  FROM users \
>  WHERE (username='${quote_mysql:$1}' \
>     OR username=REPLACE('${quote_mysql:$1}','%','@')) \
>    AND password='${quote_mysql:$2}'

>
> server_condition = ${lookup mysql{MYSQL_AUTH_LOGIN}}
>
> This is working fine for plaintext passwords, but what do I need to do


I did mine a different way. I did checking for users that are
enabled/disabled and looking up their netlogin (incase they use that instead
of their email address)

> to get this to work with DES or MD5 encrypted passwords? Unfortunately,
> I don't have access to everyone's plaintext password.


You have to know the password for this. In the manual, it states that you
need the cleartext password to be available to the server. Thus,
/etc/passwd or /etc/shadow would never work for CRAM-MD5 (or SPA)

I have CRAM-MD5 working, but I have everyone's cleartext password in the DB