[exim] Authentication - SPA password storage

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
 
 
Delete this message
Reply to this message
Author: keith
Date:  
To: exim-users
Subject: [exim] Authentication - SPA password storage
My exim setup is using the SPA method of authentication, which is working
fine. The issue I have is that the usernames and passwords for this are
being held in a plain text file. Is there any way to at least get the
passwords encrypted, as having them held unencrypted seems to me to be a
possible security flaw (the file is only readable by the exim user, but
regardless of tthat it is still a file with un-encrypted passwords in it)


The config I am using for the authentication is as follows:


begin authenticators

spa:
driver = spa
public_name = NTLM
server_password =
${lookup{$auth1}lsearch{/usr/exim/exim-users}{$value}fail}


Any ideas on how to encrypt the passwords and keep the SPA authenticaion
working?

Regards,
Keith.



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] IPTables Whitelisting[exim] Easy VERPing with Exim->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)