Am 08.08.2013 12:39, schrieb Claas Kähler: > after the release-stress it seems more relaxed here again. Time for stupid > questions! ;) > Is it possible to realise a smtp-auth with hashed passwords in the database? > Now i am using Cyrus-SASL and i am feeling very uncomfortable with all the > unencrypted passwords in the database
if you look how CRAM-MD5 works it is clear that you can't have a hash in the database because it is pretty impossible to verify the login so you could only use PLAIN AUTH in case of encrypted passwords in the database and force users to always use TLS
signature.asc
Description: OpenPGP digital signature
_______________________________________________ DBmail mailing list [email protected] http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail
