--S�ren Vrist wrote on 29.05.2002 16:19 +0200:
> On Wed, 2002-05-29 at 14:49, Roland Schneider wrote:
>> Anyway, I got a split local/host scheme work with this clause:
> heres my finally working mysqlauthrc select_clause:
> > MYSQL_SELECT_CLAUSE SELECT userdata.username, userdata.password, \
> '',domains.uid, domains.gid,concat \ >
>('/usr/mailboxes/',domains.domain,'/',userdata.username,'/Maildir/') \
> ,'.' ,'123000',userdata.realname from userdata, domains where \
> userdata.username = '$(local_part)' \
> AND domains.domain = '$(domain)' and userdata.domain = domains.id
> > i don't use courier for MTA so the quota thing is of no importance to me
> right? i have, set it to something, to be sure that the authmysql
> wouldn't fail.
Empty strings are just fine, except in $($domain) as already
mentioned.
> It gets pretty complex when you use more than one table :) (you should
> see my postfix .cf files for the mysql virtual lookups :)
Select over multiple tables also dont scale very well for
delivery because courier often has to do multiple lookups
if 'local-extension' (.courier-*-default) are enabled.
> The "crypt" part of the passwords is made with the password as salt
> right ?
> (when using mysql encrypt, thats the only thing who works.)
> update blalbla ... set password = ENCRYPT('newpassword', 'newpassword');
The first 2 characters of the salt will be shown in plain,
you should use someting 'random', or even a fixed string.
Some 'modern' implementation of crypt will use something
random by themself if you specify an empty salt.
Instead of the weak encryption by 2 chars, you could as well
use plain passwords which allows CRAM (and APOP with patch).
This should not be done on a box with any shell- or cgi-users.
Roland
_______________________________________________________________
Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm
_______________________________________________
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
