[tpop3d-discuss] Some interesting problems I ran into today regarding Exim SMTP-Auth, tpop3d, and vmail-sql
Daniel Einspanjer
daniel-ml-reply at yipyip.com
Thu, 10 Jan 2002 18:01:28 -0500
Well, in a post to the exim-users group a few days ago, I=
mentioned the problem I started having with SMTP-Auth when I=
upgraded to Exim-3.34. After putting some debug statements into=
the code that Phillip suggested, I discovered that my=
authentication sections in the exim.conf file were totally=
fubared and that the only reason it was working prior to 3.34=
was because of a bug where exim took the empty string crypt()=
returned if the salt was empty and authenticated.
I fixed my plain and login authenticators and then discovered=
that exim was attempting to compare the password given with=
crypt() when in fact, what was stored in the database by=
vmail-sql was an MD5 digest. Oops.
So. I prefixed the password with {md5} in my exim.conf, but it=
still didn't work. I'm not one hundred percent positive, but I=
believe it is because exim is using a base 64 digest whereas=
vmail-sql/tpop3d is using a base 32..
Well, I think it would be possible to tweak either of these=
programs to match the other, but I wasn't really comfortable=
with doing either, so I decided to take a third approach and=
change the vmail-sql scripts to store the password in plaintext=
as well as digest. This is bad, and I don't like it, but it has=
to happen eventually anyway if I want to switch to APOP from=
what I understand.
I don't really have any questions regarding this, which is good=
news, but I would like to know if other people out there have=
come up with better ways to do the combination of POP and SMTP=
authentication, preferably using tpop3d and vmail-sql. I would=
be happy to volunteer some of my time to compiling these=
configurations together and making them available to the masses=
of people who have problems in this area all the time (to judge=
from the mailing lists). :)
Anyway, feel free to reply to me directly or on the list if you=
have anything you'd like to donate.
Daniel Einspanjer
daniel@yipyip.com