On Thu, 7 May 2015 13:57:30 +0200, Jan Ingvoldstad <[email protected]> wrote: >On Wed, May 6, 2015 at 12:07 PM, Ajit Mhatre <[email protected]> wrote: >> i am having a problem in *exim4* ,that is* /etc/exim4/password.client* >> file contain *email id* and *password* . The both email id and password in >> Plain text format. so anyone can acess the password.client file can get my >> password. >> So please help me out how to hide or encrypt that password field in >> *password.clien*t so no one can hack or know my password > > >This may not be the answer you want. Others have provided info on how to >avoid file permission mistakes, so this is a different take on your >question. > >You appear to be using CRAM-MD5 or DIGEST-MD5 authentication, which >requires plaintext passwords to be stored on the server side. > >If you're instead willing to use PLAIN and LOGIN authentication, you can >run saslauthd (a piece of Cyrus software), or even an IMAP-based >authentication, where only the hashed passwords are stored on disk or in a >database.
This applies to exim as server. He is using exim as a client, which _needs_ the plain-text password on the client side. See the reference to /etc/exim4/password.client (misspelled, it's passwd.client). Greetings Marc -- -------------------------------------- !! No courtesy copies, please !! ----- Marc Haber | " Questions are the | Mailadresse im Header Mannheim, Germany | Beginning of Wisdom " | http://www.zugschlus.de/ Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834 -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
