Nigel Metheringham edited this page Nov 29, 2012 · 2 revisions

Q0726

Question

My SMTP authentication can be bypassed by sending an unknown user name and an empty password. What is wrong with this condition in a PLAIN authenticator?

server_condition = ${if eq{$2} {${lookup mysql{SELECT password FROM \
  accounts WHERE username='${local_part:$1}'} } }{1}{0}}

Answer

Your lookup item returns an empty string when the user does not exist, so an empty password in $2 compares equal to it and the condition yields 1. You should instead arrange for the lookup to fail when no row is found, which makes the whole condition fail and the authentication attempt is rejected:

server_condition = ${if eq{$2} {${lookup mysql{SELECT password FROM \
  accounts WHERE username='${local_part:$1}'}{$value}fail}}{1}{0}}
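The two conditions above modelled in Python, as an added illustration that is not part of the FAQ or of Exim itself: the account table and user names are constructed sample data, and a forced expansion failure is modelled as an exception that rejects the authentication.

```python
# Model of the two server_condition expansions from this FAQ entry.
# Constructed sample data, not a real account table.
ACCOUNTS = {"alice": "s3cret"}  # username -> stored password


class ExpansionFailed(Exception):
    """Models Exim's forced expansion failure (the 'fail' branch of a lookup):
    the enclosing server_condition fails and authentication is rejected."""


def lookup_empty_on_miss(username):
    """Original condition: a missing row expands to the empty string."""
    return ACCOUNTS.get(username, "")


def lookup_fail_on_miss(username):
    """Corrected condition: ${lookup ...{$value}fail} forces failure on a miss."""
    if username not in ACCOUNTS:
        raise ExpansionFailed(username)
    return ACCOUNTS[username]


def server_condition(lookup, username, password):
    """Evaluate ${if eq{<password>}{<lookup result>}{1}{0}}.

    Returns True when the authenticator would accept the credentials.
    A forced failure in the lookup rejects the attempt outright.
    """
    try:
        stored = lookup(username)
    except ExpansionFailed:
        return False
    return password == stored


if __name__ == "__main__":
    # Unknown user with an empty password: accepted by the original condition,
    # rejected once the lookup is made to fail instead of returning "".
    print("original :", server_condition(lookup_empty_on_miss, "nobody", ""))
    print("corrected:", server_condition(lookup_fail_on_miss, "nobody", ""))
```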
