Ben Schumacher wrote:
> I would like to see this, too. After digging through the code some, it
> seems that the major sticking point is that dovecot would prefer to do
> the CRAM-MD5 internally and therefore expects to have access to the
> password in plaintext and doesn't pass the timestamp on to
> checkpassword...
There is no way to use CRAM-MD5 without having the password stored in
plaintext locally; it is a design "feature" since the hash is calculated
using a different server key every time.
vpopmail can store the password in plain-text.
