On Mon, 2008-03-24 at 10:44 -0700, James Nordstrom wrote: > password_query = select pw_clear_passwd as password > from %d where pw_name = '%n' > > Where %d is the name of the table. I can't use the > exact domain name at it will not match the vpopmail > format domainname_com. I would be happy to use some > sort of sting builder but and not sure what my options > are in the .conf file.
You could convert '.' to '_': auth_username_translation = ._ But using %d directly in the SQL query is getting a bit dangerous. The default auth_username_chars should make it safe, but if you add more chars such as ';' and ' ' you'll have a potential SQL injection security hole.
signature.asc
Description: This is a digitally signed message part
