[exim] Re: Blowfish auth

Top Page
Delete this message
Reply to this message
Author: Gandalf Corvotempesta
Date:  
To: Mike Tubby G8TIC
CC: exim-users
Subject: [exim] Re: Blowfish auth
Il giorno gio 16 mag 2024 alle ore 14:32 Mike Tubby G8TIC via
Exim-users <exim-users@???> ha scritto:
>
> As Kai says... everything is possible with Exim+PERL.
>
> I store user authentication details in salted SHA256 in a MySQL backend
> and have Exim call a PERL shim that performs a web-services call to
> localhost:8080 where Nginx runs my authenticator (written in PHP). The
> authenticator receives a POST with IP address/username/password in JSON
> and returns a HTTP 204 (Success, No Data) or HTTP 403 (Forbidden). The
> PERL running in Exim then translates this to accept/reject based on the
> 204 or 403.


Wow that's absolutely overkill :-)
I think would be easier to directly use perl to check the hash against
the mysql db

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/