* Jeff Lacki <j...@rahul.net>: > >> Are these yum packages (which I tried under the names above > >> with no luck)? Where do I acquire them? > > > For which SASL provider? > > Im assuming digest-md5 is good enough, unless > you think another mechanism is better?
plain and login are plaintext mechanisms. You can store the password crypted, but the credentials are sent base64 encoded only. If someone reads them when they are sent they are easily base64-decoded. cram-md5, digest-md5 and ntlm are shared-secret mechanisms. They require passwords to be stored in cleartext. If the database is stolen all passwords are compromised. OTOH these mechanisms never send the password over the net. They are safe to use during transmission. The safest way is to use plaintext mechanisms and shield the transport with a TLS encrypted session. p...@rick -- All technical questions asked privately will be automatically answered on the list and archived for public access unless privacy is explicitely required and justified. saslfinger (debugging SMTP AUTH): <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>
