Hi, Both DIGEST-MD5 and CRAM-MD5 require the password to be stored on the server in clear text(!). The password is used as the key for authentication. On one side you have plain and login with encrypted store on the server but the password is sent unencrypted over the network and then you have the MD5s that never send the password over the wire but require it's storage in clear text on the server.
You must create a different database for it, in /etc, if you are running postfix in chroot jail and put a clear text DB of user's passwords in the /etc of that chroot jail..... The best and easy solution: use plain and login with SSL/TLS, with the added bonus of security to the E-mail itself and not only the login. Bye ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
