I'm looking at SMTP Auth with Exim today and have another logical
problem to seek advice on.
Whilst I compiled in support for Dovecot to do the donkey work on AUTH
it - in turn - is going to ask questions of a backend MySQL. It would be
nice to cut out the middleman and a quick google around gave me some
promising hints - looking at a simple 'plain' authenticator (without TLS
at this point):
plain:
driver = plaintext
public_name = PLAIN
#server_advertise_condition = ${if eq{$tls_cipher}{}{no}{yes}}
server_condition = ${if crypteq {$3}{\{sha1\}${lookup
mysql{ \
SELECT userpassword \
FROM mailusers \
WHERE email='${quote_mysql:$2}' \
AND outbound=1 \}}}{yes}{no}}
server_set_id= $2
Trying to turn the condition back into English (and any correction would
be welcome) I understand this to mean:
If the (base64) decrypted value of $3 is equal to the database field
'userpassword' then the test succeeds (yes) - If not it fails (no).
Sofar?
That would be mighty fine if the password values in the backend MySQL
database were not one-way hashed with: MD5('password').
Other than the option of storing the passwords in the clear (or sticking
with plan 'a' to use Dovecot), does anyone know how I could 'rephrase
the question' directly in the authenticator to get the desired result?
Basically I need to translate into Exim:
If the MD5 value of the (base64) decrypted value of $3 is equal to the
database field 'userpassword' then the test succeeds (yes) - If not it
fails (no) - or some other way of achieving the same thing?
Apologies if the question is stupid. This is all quite new to me, but
I'm clawing my way up the steep learning curve. Any useful comments or
advice is gratefully received.