Re: [Exim] SMTP auth, MySQL & passwords stored in clear

Top Page
This message is part of the following thread:
M-+++\the complete thread tree sorted by date
M\MMMMKonrad Michels at <-
MM..MMKonrad Michels at ->
Delete this message
Reply to this message
Author: Tim Jackson
Date:  
To: Exim Mailing List
Subject: Re: [Exim] SMTP auth, MySQL & passwords stored in clear
Hi Konrad, on Wed, 07 Jan 2004 16:20:35 +0000 you wrote:

> This seems to work fine, except for one thing: the passwords in the
> database have to be stored in plain text
...
> The other thing that has got me flummoxed is getting the same
> authenticator working for cram_md5

If you are going to be using CRAM-MD5 at all, you are going to have to
keep the passwords in plaintext on the server. (This is not a limitation
of Exim; it's to do with the algorithm, which requires the plaintext
password to be available at the server end in order to compute a hash)


Tim


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [Exim] localhost as SMTP server again: Dynamic IP adresses being blockedRe: [Exim] SMTP auth, MySQL & passwords stored in clear->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)