On 2023-11-19, Martin Lambers via Exim-users <[email protected]> wrote:
> For archive completeness I'd like to mention that for SCRAM, the server > does not need to know the password itself, but just a salted and hashed > version of it, which can be set with server_skey instead of > server_password. For my simple test setup, I did not use this. However the salted password is also all that a client needs to authenticate to the server So the same care is needed to keep the storage secure as if it was storing the password.. -- Jasen. 🇺🇦 Слава Україні -- ## subscription configuration (requires account): ## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/ ## unsubscribe (doesn't require an account): ## [email protected] ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
