Am 02.12.2021 um 10:11 schrieb Christian Mack:
You only can use CRAM-MD5 when your authentication source provides plain
passwords.
And that's the biggest issue with these shared secret authentication
mechanisms: that you have to store the passwords unencrypted/unsalted.
Never a good idea to s
Hello
auth_mechanisms are only for encrypting passwords while authenticating.
They have nothing to do with transport encryption aka TLS and STARTTLS.
You only can use CRAM-MD5 when your authentication source provides plain
passwords.
As you use password hashes in your authentication source, you h
Hi,
I wondering if I can simply disable CRAM-MD5 and/or DIGEST-MD5.
Are they useful in case of SSL or TLS connections?
Thankyou
> Il 01/12/2021 18:42 Aki Tuomi ha scritto:
>
>
> auth_mechanisms = plain login digest-md5 cram-md5
>
> You still advertise them though.
>
> Aki
main.net,xx.yy.ww.zz,): Requested CRAM-MD5
> scheme, but we have only CRYPT
> I don't understand this error. It seems I still support CRAM-MD5:
> telnet localhost 143
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> * OK [CAPABIL
dovecot[72554] auth-worker(72559): conn
unix:auth-worker (uid=143): auth-worker<5294>:
sql(u...@domain.net,xx.yy.ww.zz,): Requested CRAM-MD5 scheme,
but we have only CRYPT
I don't understand this error. It seems I still support CRAM-MD5:
telnet localhost 143
Trying 127.0.0.1...
Connected t
