[exim] Authentication - SPA password storage

Page principale
Supprimer ce message
Répondre à ce message
Auteur: keith
Date:  
À: exim-users
Sujet: [exim] Authentication - SPA password storage
My exim setup is using the SPA method of authentication, which is working
fine. The issue I have is that the usernames and passwords for this are
being held in a plain text file. Is there any way to at least get the
passwords encrypted, as having them held unencrypted seems to me to be a
possible security flaw (the file is only readable by the exim user, but
regardless of tthat it is still a file with un-encrypted passwords in it)


The config I am using for the authentication is as follows:


begin authenticators

spa:
driver = spa
public_name = NTLM
server_password =
${lookup{$auth1}lsearch{/usr/exim/exim-users}{$value}fail}


Any ideas on how to encrypt the passwords and keep the SPA authenticaion
working?

Regards,
Keith.