On Thu, 2005-02-03 at 14:39 -0800, Oscar Nelson wrote:
> Finally got my local network trusted(I'd had a typo in our ip range). To
> clarify, the problem is with the SASL authentication always failing. I
> turned on mysql logging and this is what it shows:
>
> 24 Connect [EMAIL PROTECTED] on postfix
> 24 Query START TRANSACTION
> 24 Query SELECT password FROM mailbox WHERE username= '[EMAIL PROTECTED]'
> 24 Query SELECT password FROM mailbox WHERE username= '[EMAIL PROTECTED]'
> 24 Query COMMIT
> 24 Quit
>
> It seems to to be connecting to the database just fine. The password field
> is encrypted using the mysql password() function. Does anyone have any idea
> why this might be failing?
Yes, you shouldn't be using the password() function in MySQL to encrypt passwords. Many, many, many applications (including some of my own) were, and it's a no-no. You should be using md5() or sha1().
Specifically, the definition of the password() function in MySQL-4.1 changed. If you want the old values to be generated, you should use old_password for the time being, but all applications should be converted to not use the password() (or old_password()) functions at all).
http://dev.mysql.com/doc/mysql/en/application-password-use.html
This is very useful information. However, as it turns out I was incorrect. Passwords were created using postfixadmin's(http://high5.net/postfixadmin/) custom md5crypt and I have in fact updated to the latest version of that and tried reseting passwords for various people without success.
This brings up another question, the only two AUTH methods I have enabled are LOGIN and PLAIN. Should MD5 be enabled?
Thanks,
Oscar
_______________________________________________ tsl-discuss mailing list [email protected] http://lists.trustix.org/mailman/listinfo/tsl-discuss
