Re: [Exim] SMTP auth, MySQL & passwords stored in clear

Top Page
Delete this message
Reply to this message
Author: Torsten Mueller
Date:  
To: exim-users@exim.org
Subject: Re: [Exim] SMTP auth, MySQL & passwords stored in clear
Konrad Michels schrieb:
>
> Hi Folks
> Someone has probably asked this before (can't recall seeing anything
> about it in the last couple of thousand mails!), so apologies if this is
> covering old ground again.

...
> The other thing that has got me flummoxed is getting the same
> authenticator working for cram_md5 - I just can't seem to get the mysql
> lookup syntax right. If I can get cram_md5 working, I'll be less fussed
> about the plaintext passwords, but it would still be nice to get both
> fixed.
>
> Thanks in advance for your valuable time!


I did it this way:

MYSQL_AUTH_CRAM = SELECT MYSQL_SMTPAUTH_PASS_FIELD from
MYSQL_SMTPAUTH_TABLE where MYSQL_SMTPAUTH_USER_FIELD = '${quote
_mysql:$1}' AND MYSQL_SMTPAUTH_PASS_FIELD != ''

cram:
        driver = cram_md5
        public_name = CRAM-MD5
        server_secret = ${lookup mysql {MYSQL_AUTH_CRAM}}
        server_set_id = $1



Torsten