Postfix authentication: using an IV with SHA for encryption

Discussion in 'Server Operation' started by dodtsair, Jul 11, 2007.

  1. dodtsair

    dodtsair New Member

    I am using this howto to set up a postfix email server.

    I want to add users to my email server using the following SQL

    INSERT users (email, iv, password) VALUES ('[email protected]', (RAND()*4294967295), SHA(CONCAT('plain text pwd', iv)));

    This uses the database's SHA algorithm which is more secure then the ENCRYPT algorithm.

    It also uses an initialization vector which ensures no two users have the same hash when they use the same password.

    I am just not sure I can use this for all the different modules that are authenticating against the MySQL database. Does anyone know if this is impossible?

Share This Page