[Vmail-discuss] smtp auth

Jakob Hirsch jh@xxxxxxxx
Tue, 13 Nov 2001 00:39:14 +0100 

----- Original Message ----- From: "Franz Georg Köhler" <lists@openunix.de>

Hi,

> this question, in fact, is exim related, but I didn't get it answered on
> the exim mailing list, so I'm asking here again.

I'm not reading exim-users list regularly, too much traffic for me. :)

> Is there anyone who is running exim smtp auth with the vmail/sql
> data?

Sure. I had to fiddle with this for a while since I found no real documentation for this, only parts
of configs from others. We currently use the first part (plaintext passwords), but I'll add some
older config lines with md5 which may work, but I don't know any more. It should not be to hard to
change it to one of the other hash_methods and maybe it would be nice to have one for all, but I
don't think it's worth the work.
remarks:
- Mac-Outlook is able to use AUTH only since v5.02 and if you _don't_ use @ as a user-domain
seperator. This seems strange, since POP3-Login with user@domain works flawless.
- valid seperators are "@%!". You can simple add more.



# announce AUTH to hosts not in relay_networks
host_auth_accept_relay = *
...

### AUTHENTICATION CONFIGURATION ###

# PLAIN: user and pass as base64-coded string
# used by: Netscape
plain:
  driver = plaintext
  public_name = PLAIN
  server_condition = "${if and { \
        {!eq {$2}{}} \
        {!eq {$3}{}} \
        {eq {\\{plaintext\\}$3}{${lookup mysql { \
                        select password_hash from popbox \
                        where local_part='${extract {1}{@%!}{$2}}' \
                        and domain_name='${extract {2}{@%!}{$2}}' \
                }{$value}{*:*}}} \
        }}{1}{0}}"
  server_set_id = $2

# LOGIN: challenge from server gets md5-encoded with pass, as hex
#       with user prepended sent as md5
# used by: Outlook Express
login:
  driver = plaintext
  public_name = LOGIN
  server_prompts = "Username:: : Password::"
  server_condition = "${if and { \
        {!eq {$1}{}} \
        {!eq {$2}{}} \
        {eq {\\{plaintext\\}$2}{${lookup mysql { \
                        select password_hash from popbox \
                        where local_part='${extract {1}{@%!}{$1}}' \
                        and domain_name='${extract {2}{@%!}{$1}}' \
                }{$value}{*:*}}} \
        }}{1}{0}}"
  server_set_id = $1


end

### END AUTHENTICATION CONFIGURATION ###


### untested... ###

plain:
  driver = plaintext
  public_name = PLAIN
  server_condition = "${if and { \
        {!eq {$2}{}} \
        {!eq {$3}{}} \
        {eq {${md5:$3}}{${lookup mysql { \
                        select password_hash from popbox \
                        where local_part='${extract {1}{@%!}{$2}}' \
                        and domain_name='${extract {2}{@%!}{$2}}' \
                }{$value}{*:*}}} \
        }}{1}{0}}"
  server_set_id = $2

login:
  driver = plaintext
  public_name = LOGIN
  server_prompts = "Username:: : Password::"
  server_condition = "${if and { \
        {!eq {$1}{}} \
        {!eq {$2}{}} \
        {eq {${md5:$2}}{${lookup mysql { \
                        select password_hash from popbox \
                        where local_part='${extract {1}{@%!}{$1}}' \
                        and domain_name='${extract {2}{@%!}{$1}}' \
                }{$value}{*:*}}} \
        }}{1}{0}}"
  server_set_id = $1

end