Development

Wiki Start
Wishlist
Timeline
Roadmap
Browse Source
New Ticket
View Tickets

Ticket #169 (assigned enhancement)

Opened 1 year ago

Last modified 5 months ago

Possibility to use crypted passwords in Postfix through SASL

Reported by: DPR Assigned to: malte (accepted)
Priority: major Milestone: ispCP ω 1.1.0
Component: Backend (Engine) Version: ispCP ω 1.0.0 - DEV
Severity: Hard Keywords: hashed password
Cc:

Description

A small patch against SASL allows the usage of crypted passwords with Postfix (auxprop plugion) instead of plain passwords in the database. It would be great if there would be a possibility to optionally switch to crypted passwords for Mail-Accounts in ispCP ! I.e. ispCP would have to save encrypted passwords if a mail account is being edited or added - which can be easily done by the SQL function ENCRYPT.

This should be optional because only those who do apply the patch to their SASL library might want to use this feature.

Patch-Files for SASL: http://frost.ath.cx/software/cyrus-sasl-patches/ http://wispdirect.com/docs/sasl-howto.html

Attachments

mail_crypt.diff (6.5 kB) - added by DPR on 04/12/07 17:41:09.
patch file for Omega 1.0 RC1

Change History

04/12/07 00:34:57 changed by malte

  • owner set to malte.
  • status changed from new to assigned.
  • version changed from ispCP ω 1.0.0 - RC1 to ispCP ω 1.0.0 - DEV.
  • milestone changed from ispCP ω 1.0.0 - RC2 to ispCP ω 1.1.0.

04/12/07 17:41:09 changed by DPR

  • attachment mail_crypt.diff added.

patch file for Omega 1.0 RC1

04/12/07 17:50:23 changed by DPR

I've attached a ported patch-file for Omega 1.0 RC1 - I haven't testet them yet for Omega but (successfully) for VHCS 2.4.7.1.

Note that there's an extra option "ENCRYPT_MAIL_PASS" which has to be set in order to encrypt mail passwords. There're 3 more prerequisities:
* SASL Patch for libsasl
* extra row "mail_crypt" for table "mail_users"
* adapted /etc/postfix/sasl/smtpd.conf like

pwcheck_method: auxprop
auxprop_plugin: sql
mech_list: plain login
log_level: 2
allowanonymouslogin: no

# option for patched SASL
password_format: crypt

# SQL plugin parameters
sql_engine: mysql
sql_hostnames: 127.0.0.1
sql_database: vhcs2
sql_user: mail
sql_passwd: YOUPASSWORD
sql_select: SELECT m.mail_crypt FROM mail_users m, domain d WHERE m.domain_id=d.domain_id AND mail_type='normal_mail' AND status='ok' AND m.mail_acc='%u' AND d.domain_name = '%r'

07/07/07 03:33:19 changed by anonymous

http://a-zoloft-side-effects.associates-program.com Zoloft Side Effects http://a-generic-zoloft.associates-program.com Generic Zoloft

02/17/08 14:40:46 changed by rats

  • severity set to Hard.
  • milestone changed from ispCP ω 1.1.0 to Working.

02/17/08 23:08:54 changed by rats

  • milestone changed from Working to ispCP ω 1.1.0.

Add/Change #169 (Possibility to use crypted passwords in Postfix through SASL)