Skip to content
Nigel Metheringham edited this page Nov 29, 2012 · 2 revisions

Q0726

Question

My SMTP authentication can be bypassed by sending an unknown user name and an empty password. What is wrong with this condition in a PLAIN authenticator?

server_condition = ${if eq{$2} {${lookup mysql{SELECT password FROM \
  accounts WHERE username='${local_part:$1}'} } }{1}{0}}

Answer

Your lookup item returns an empty string when the user does not exist. You should instead arrange for the lookup to fail:

server_condition = ${if eq{$2} {${lookup mysql{SELECT password FROM \
  accounts WHERE username='${local_part:$1}'}{$value}fail}}{1}{0}}

Clone this wiki locally