View Single Post
Old 2nd August 2006, 16:03
neil6179 neil6179 is offline
Junior Member
Join Date: Mar 2006
Posts: 19
Thanks: 0
Thanked 0 Times in 0 Posts
Question Courier/Postifx with SHA1/MD5

Hello all,

I've been looking around on the web for a solution to this but I can't find anywhere that gives me a straight answer.

I setup a mail system as per the Virtual Users And Domains With Postfix, Courier And MySQL (+ SMTP-AUTH, Quota, SpamAssassin, ClamAV) tutorial with the slight alteration that I used Debian Testing. This means I am using Postfix 2.2 and Courier IMAP 4.1. Most settings are pretty much identical in all other respects.

So my question is can I use a SHA1 or MD5 hash (preferably SHA1) to authenticate instead of using the MySQL ENCRYPT() function. That is to say in the tutorial the “password” field of the 'users' table will contain the SHA1/MD5 hash as opposed to the result of the ENCRYPT() function.

As far as I can tell the only two components that use the password are the Courier authentication and the SMTP-AUTH part of Postfix.

So can this be done? If so, how would I go about it?

On a second question can anyone tell me why these two commands result in a different hash?

Command: echo '<?php print sha1("password")."\n"; ?>' | php
Result: 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8

Command: echo 'password' | sha1sum
Result: c8fed00eb2e87f1cee8e90ebbe870c190ac3848c

and if Courier/Postfix can authenticate against one of these hashes, which one would it use?

Finally if this isn't possible with Courier would it be with another IMAP server? Dovecot maybe? My only requirement is that it supports MailDir with quotas.

Thanks all
Reply With Quote
Sponsored Links