[Dbmail] Dbmail-POP3 plaintext auth disable

Sat, 10 Nov 2007 03:19:37 -0800 

Hi, all!
 
Is it possible to disable plaintext password auth in DBMail-POP3? Now it works 
great, but accepts 
POP3 connections with plaintext passwords *and* RFC-1734 APOP passwords 
(CRAM-MD5 in Sasl). 
Client can change auth method in his local mail client settings, and some 
clients do it. 
All users and mail domains are virtual (not system). Their (dbmail) passwords 
are *plaintext* stored 
in MySQL database. My Dbmail version is 2.0.10. No TLS. 
 
I want to disable plaintext auth for all clients. For SMTP auth it`s success by 
Sasl, but for POP3 I can`t do it.
 
Typical Connection logs
Good: 
[20:10:17]  C: Connected to post1.crm-design.ru, port 110[20:10:17]  S: +OK 
DBMAIL pop3 server ready to rock <[EMAIL PROTECTED]>[20:10:17]  C: APOP vova 
3cc754e4de59ebe431e9a57acadb9d05[20:10:17]  S: +OK vova has 0 messages (0 
octets)[20:10:17]  C: STAT[20:10:17]  S: +OK 0 0[20:10:17]  C: QUIT[20:10:17]  
S: +OK see ya later
Bad:
[11:23:44]  C: Connected to post1.crm-design.ru, port 110[11:23:44]  S: +OK 
DBMAIL pop3 server ready to rock <[EMAIL PROTECTED]>[11:23:44]  C: USER 
vova[11:23:44]  S: +OK Password required for vova[11:23:44]  C: PASS plaintext 
// Password changed manually[11:23:45]  S: +OK vova has 0 messages (0 
octets)[11:23:45]  C: STAT[11:23:45]  S: +OK 0 0[11:23:45]  C: QUIT
 
As I think (maybe, wrong) POP3 auth making by dbmail-pop3d directly, according 
to client requested params. 
In dbmail.conf [pop3] section I can`t find any auth acceptable params. Looks 
like no auth mechanism control 
presents in dbmail-pop3d.  
 
Any idea? Must I store passwords *not* in plaintext to disable plaintext POP3 
auth? 
Simple update Dbmail to 2.2 version? But have 2.2 version required functions? 
Or use different passwords for POP and SMTP is the only way?  
 
Best regards
Vladimir Likhachev
 
_________________________________________________________________
Discover the new Windows Vista
http://search.msn.com/results.aspx?q=windows+vista&mkt=en-US&form=QBRE
_______________________________________________
DBmail mailing list
[email protected]
https://mailman.fastxs.nl/mailman/listinfo/dbmail

Reply via email to