Chris Nelson wrote:
-snip-
> I've spent weeks with the post.office technical support staff, just to
> have them finally give me that answer. They told me something stupid like
> "This is a proprietary algorithm and for ours and our customers security,
> we can not divulge the algorithm"
-snip-
> They say they are using MD5 but MD5 returns a 128bit hash if I remember
> right and post.office returns a 256bit hash, the only algorithm I could
> find that will return a 256bit hash is GOST, and post.offfice does not
> appear to be using GOST.
AFAIK they use BASE64 encoded MD5 hashes. Take a look into the DEBUG
compiled checkpassword implementation in the qmail-ldap patches at
http://www.nrg4u.com.
--
Andre
