On 15.2.2010, at 19.42, Leonardo Rodrigues wrote: > from sources on src/auth i can find some interesting informations: > > /* format: <SHA1 hash><salt> */ > > and > > #define SSHA256_SALT_LEN 4 > > so the salt really seems to be 4-byte (which in fact are 8 when watching in > hexadecimal), the exact difference on dovecotpw non-salted and salted > generated passwords.
The generated SSHA256 passwords have 4 byte salt, but Dovecot supports reading any salt length.
