Mike Miller writes:
Nope. Not using MD5 passwords.
That would explain it then. As Tom said, DES-style crypt ignores
everything
after the first eight characters of the password. MD5-style crypt has a
higher limit, from memory I believe it's something like 126.
--
Paul Allen
Softflare
] Re: SMTP-Auth bug in passwords?
Date: Wed, 10 Sep 2003 13:30:27 GMT
Mike Miller writes:
Nope. Not using MD5 passwords.
That would explain it then. As Tom said, DES-style crypt ignores
everything
after the first eight characters of the password. MD5-style crypt has a
higher limit, from memory I
Mike Miller writes:
Okay, but should it be _allowing_ this as a password or don't you think
that it should reject it?
I think that it is behaving at it is documented to behave and that your
expectations are wrong.
There is a very big difference between 'webmaste' and 'webmaster23445'
in
passwords
but store new ones in MD5. This would ensure that users looking to migrate
know what's going on. I just didn't want it to stop working when migrated
users.
-M
From: Paul L. Allen [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: [vchkpw] Re: SMTP-Auth bug in passwords?
Date: Wed, 10 Sep
Mike Miller writes:
Any way to convert an entire large site of cdb files (probably
150 domains) into MD5? Actually coverting is the wrong word [since you
can't do that unless there is clear text passwords], but rather to have it
choose between both MD5 and CRYPT passwords (based on
Mike Miller writes:
I believe what you say (that if I enable MD5 passwords, then it will work
for both),
I didn't say that. I said that if vpopmail were written correctly then
it would work for both.
There should really be a note that it will accept existing crypt
passwords but store
