[Vmail-discuss] smtp auth
Franz Georg =?iso-8859-1?Q?K=F6hler?=
lists@xxxxxxxxxxx
Fri, 16 Nov 2001 21:31:30 +0100
On Tue, Nov 13, 2001 at 12:39:14AM +0100, Jakob Hirsch <jh@plonk.de> wrote:
>> Is there anyone who is running exim smtp auth with the vmail/sql
>> data?
>
> Sure. I had to fiddle with this for a while since I found no real
> documentation for this, only parts of configs from others. We
> currently use the first part (plaintext passwords), but I'll add some
> older config lines with md5 which may work, but I don't know any more.
> It should not be to hard to change it to one of the other hash_methods
> and maybe it would be nice to have one for all, but I don't think it's
> worth the work.
> remarks:
> - Mac-Outlook is able to use AUTH only since v5.02 and if you _don't_
> use @ as a user-domain seperator. This seems strange, since
> POP3-Login with user@domain works flawless.
> - valid seperators are "@%!". You can simple add more.
>
>
>
> # announce AUTH to hosts not in relay_networks
> host_auth_accept_relay = *
> ...
>
> ### AUTHENTICATION CONFIGURATION ###
>
> # PLAIN: user and pass as base64-coded string
> # used by: Netscape
> plain:
> driver = plaintext
> public_name = PLAIN
> server_condition = "${if and { \
> {!eq {$2}{}} \
> {!eq {$3}{}} \
> {eq {\\{plaintext\\}$3}{${lookup mysql { \
> select password_hash from popbox \
> where local_part='${extract {1}{@%!}{$2}}' \
> and domain_name='${extract {2}{@%!}{$2}}' \
> }{$value}{*:*}}} \
> }}{1}{0}}"
> server_set_id = $2
>
> # LOGIN: challenge from server gets md5-encoded with pass, as hex
> # with user prepended sent as md5
> # used by: Outlook Express
> login:
> driver = plaintext
> public_name = LOGIN
> server_prompts = "Username:: : Password::"
> server_condition = "${if and { \
> {!eq {$1}{}} \
> {!eq {$2}{}} \
> {eq {\\{plaintext\\}$2}{${lookup mysql { \
> select password_hash from popbox \
> where local_part='${extract {1}{@%!}{$1}}' \
> and domain_name='${extract {2}{@%!}{$1}}' \
> }{$value}{*:*}}} \
> }}{1}{0}}"
> server_set_id = $1
>
>
> end
>
> ### END AUTHENTICATION CONFIGURATION ###
>
>
> ### untested... ###
>
> plain:
> driver = plaintext
> public_name = PLAIN
> server_condition = "${if and { \
> {!eq {$2}{}} \
> {!eq {$3}{}} \
> {eq {${md5:$3}}{${lookup mysql { \
> select password_hash from popbox \
> where local_part='${extract {1}{@%!}{$2}}' \
> and domain_name='${extract {2}{@%!}{$2}}' \
> }{$value}{*:*}}} \
> }}{1}{0}}"
> server_set_id = $2
>
> login:
> driver = plaintext
> public_name = LOGIN
> server_prompts = "Username:: : Password::"
> server_condition = "${if and { \
> {!eq {$1}{}} \
> {!eq {$2}{}} \
> {eq {${md5:$2}}{${lookup mysql { \
> select password_hash from popbox \
> where local_part='${extract {1}{@%!}{$1}}' \
> and domain_name='${extract {2}{@%!}{$1}}' \
> }{$value}{*:*}}} \
> }}{1}{0}}"
> server_set_id = $1
>
> end
This does work for me, however, as Eric Renfro pointed out, there is a
problem with those {md5} hashes, I solved it by simply deleting the code
which adds the {md5} thingies in line 90 of PasswordCrypt.pm , so
everything works perfectly now.
Any recommendation of an imap server, which works with this setup, anyone?
--
+--------------------------------------------------------------------------+
| http://www.hanau.net/fgk/ When in doubt, tell the truth. |
| 0x5E7A588D -- Mark Twain |
+--------------------------------------------------------------------------+