[tpop3d-discuss] Some interesting problems I ran into today regarding Exim SMTP-Auth, tpop3d, and vmail-sql
Paul Warren
pdw at ex-parrot.com
Fri, 11 Jan 2002 09:24:47 +0000
On Thu, Jan 10, 2002 at 11:28:29PM +0000, Chris Lightfoot wrote:
> On Thu, Jan 10, 2002 at 06:01:28PM -0500, Daniel Einspanjer wrote:
> > I don't really have any questions regarding this, which
> > is good news, but I would like to know if other people out
> > there have come up with better ways to do the combination
> > of POP and SMTP authentication, preferably using tpop3d
> > and vmail-sql. I would be happy to volunteer some of my
> > time to compiling these configurations together and making
> > them available to the masses of people who have problems
> > in this area all the time (to judge from the mailing
> > lists). :)
>
> Paul is the expert here, but basically we have implemented
> this by having the authentication running in perl; this
> allows you to re-use the PasswordCrypt module which comes
> with vmail-sql. I expect that this will make it into the
> vmail-sql distribution some time.
This is correct. This has the advantage that it uses the {prefix}hash
style passwords used by vmail and tpop3d, allowing you to mix and match
hash methods as you please. It also supports {plaintext}foo so that
tpop3d can do APOP.
You need a perl function like this:
use lib '/path/to/vmail/lib';
use PasswordCrypt;
sub md5check {
$password = shift;
$hash = shift;
if (PasswordCrypt::authenticate($password,$hash)) {
return "yes";
} else {
return "no";
}
}
You can then use a perl function in the authentication stage.
Please feel free to email the vmail list[0] with queries about this
sort of config.
Paul
[0] http://lists.beasts.org/mailman/listinfo/vmail-discuss