Re: [Exim] SMTP auth, MySQL & passwords stored in clear

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Konrad Michels
Date:  
À: Torsten Mueller
CC: exim-users@exim.org
Sujet: Re: [Exim] SMTP auth, MySQL & passwords stored in clear
BTW - this also works for SPA . . . thought I'd let everyone know.

Later
Konrad


On Wed, 2004-01-07 at 17:22, Torsten Mueller wrote:
> Konrad Michels schrieb:
> >
> > Hi Folks
> > Someone has probably asked this before (can't recall seeing anything
> > about it in the last couple of thousand mails!), so apologies if this is
> > covering old ground again.
> ...
> > The other thing that has got me flummoxed is getting the same
> > authenticator working for cram_md5 - I just can't seem to get the mysql
> > lookup syntax right. If I can get cram_md5 working, I'll be less fussed
> > about the plaintext passwords, but it would still be nice to get both
> > fixed.
> >
> > Thanks in advance for your valuable time!
>
> I did it this way:
>
> MYSQL_AUTH_CRAM = SELECT MYSQL_SMTPAUTH_PASS_FIELD from
> MYSQL_SMTPAUTH_TABLE where MYSQL_SMTPAUTH_USER_FIELD = '${quote
> _mysql:$1}' AND MYSQL_SMTPAUTH_PASS_FIELD != ''
>
> cram:
>         driver = cram_md5
>         public_name = CRAM-MD5
>         server_secret = ${lookup mysql {MYSQL_AUTH_CRAM}}
>         server_set_id = $1

>
>
> Torsten
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##

--
***********************************************************
* Konrad Michels
* IT Manager
* Surfkitchen Limited
* +441189298079
***********************************************************

The information contained in this message is confidential. It is
intended solely for the use of the individual or entity to whom it is
addressed and other authorised to receive it. If the reader of this
message is not the intended recipient, you are hereby notified that any
use, copying, dissemination or disclosure of this information is
strictly prohibited. If you are not the intended recipient, please
delete it immediately and contact the sender by e-mail or telephone.
Internet e-mails are not necessarily secure. SurfKitchen accepts no
responsibility either for breaches of confidence that may arise through
the use of this medium or for changes to any e-mail which occur after
the e-mail has been sent.