I've been searching all over for this answer. Hopefully, someone on this list can help:
I'd like to create an authentication module that uses MySQL to store account information, and which permits Courier-IMAP (and POP, esp.) to use Microsoft's NTLM protocol for user authentication. A couple of caveats: 1) Don't bother to tell me to use another protocol. I don't have that option and I'm not really trying to start a fight about MS vs. open source. 2) I know enough about the particulars of the wire protocol to get NTLM to work. What I don't know is how to make Courier understand it. With those caveats, here's what I seem to have puzzled out: If I could create an HMAC hash structure for NTLM, it appears that authmysql would use it. As far as I can tell, no one seems to have created an implementation of this. NTLM is not a published SASL authentication method, but aside from its funny hash algorithm, it's basically identical to CRAM-MD5. When used in the POP3 protocol, the NTLM authentication method is signaled by the client with the use of the command "AUTH MSN". So, my questions for you all: 1. Am I right that creating a new HMAC is all that's needed? 2. How do I tie the POP3 command "AUTH MSN" to the use of the right hash method in SASL? In authmysql? 3. Is there in fact anyone who has already accomplished this? 4. Is there -- anywhere on God's green Earth -- some kind of documentation for how the SASL, HMAC, and authentication module sections work together? A guide for prospective auth-module writers? A clue? A scrap of tattered and ancient parchment? Something? Thanks, Elias Israel [EMAIL PROTECTED] www.promanage-inc.com ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
