On Dec 12, 2016, at 13.03, Stavros Tsolakos <stsola...@gmail.com> wrote: > > Dear list > > My apologies if my question has been answered before. > > I want to relay outgoing messages depending on the sender. So far I have > created 2 tables containing the SMTP relay addresses and the passwords > respectively. > > From my main.cf: > > sender_dependent_relayhost_maps = hash:/etc/postfix/relayhosts > smtp_sasl_password_maps = hash:/etc/postfix/relaypasswd > > I am concerned about having the passwords stored in plaintext in > relaypasswd. Of course, it is converted to a non human readable form by > postmap, although it might still somehow be converted back to plain. (It > should, or else how postfix 'knows' what password to login with to the > relay?) > > Apart from making the file readable by root (0400 permissions), is there > a way to store the password's hash and *somehow* login to the relay > using it? (I am emphasizing the word 'somehow' because I can't imagine > how it can be done, if it can be done at all).
hashing is for verifying of passwords, not for using [supplying] of passwords. if the password were hashed, postfix wouldn't have the password [it would only have the hash], and thus it could not use the password. the plaintext [not hashed, not encrypted, etc] string must be available to postfix, so it can use it. alternatively, if you can construct a method in which you supply something other than the plaintext password to the relay, then perhaps postfix can accommodate this.
