Thank Your for replay. > Try a plaintext match and if that fails try a crypt match? Is it possible to write such condition to make it in one authenticator plain: ? I am trying to find it exim manual but w/o success.
> Horribly > insecure (it makes crypted passwords equivalent to plaintext passwords > because you can type in your crypted password to authenticate yourself) > but it will allow you to migrate to all-crypted, at which point you can > turn off the plaintext matching. If you're using a modern crypt() you can > improve the security by checking the format of the stored password and > not allowing plaintext matches for passowrds that appear to be crypted. > > Tony. I cant change the mechanism of storing password for some users, due to customer policy. Good thing is that those users are few only. Best Regards Gall ---------------------------------------------------- "Wimbledon" przyjemny i przepisowy film o sporcie. Już na DVD. http://klik.wp.pl/?adr=http%3A%2F%2Ffilm.wp.pl%2Fp%2Ffilm.html%3Fid%3D24446&sid=394 -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
