> begin authenticators
>
> plain_login:
> driver = plaintext
> public_name = PLAIN
> server_condition = ${lookup mysql{SELECT '1' FROM users WHERE
> CONCAT(user, '@', host) = '${quote_mysql:$2}' AND
> pass = '${quote_mysql:$3}'} {yes}{no}}
> server_set_id = $2
>
> fixed_login:
> driver = plaintext
> public_name = LOGIN
> server_prompts = "Username:: : Password::"
> server_condition = ${lookup mysql{SELECT '1' FROM users WHERE
> CONCAT(user, '@', host) = '${quote_mysql:$1}' AND
> pass = '${quote_mysql:$2}'} {yes}{no}}
> server_set_id = $1
I wouldn't do this because the password may be logged in the SQL log file.
You could try this using the encrypt functions (using the same salt). Have
mysql encrypt the password (pass) and have exim encrypt the password ($2)
and compare them.
It's probably safer to check the passwords in exim since they won't show.
If your passwords are already encrypted, you shouldn't have a problem
provided that the cleartext password is never sent to mysql.
--
Lab tests show that use of micro$oft causes cancer in lab animals