On Mon, 15 Dec 2003, Guillaume Filion wrote: > The PLAIN, LOGIN and CRAM-MD5 mechanisms have been implemented. The > modules MIME::Base64 and Digest::HMAC_MD5 are required, but > Digest::HMAC_MD5 is allready a prerequisite for Net::DNS, so only > MIME::Base64 is a new prerequisite. > > The plugin reads the file config/saslauth for the list of username and > passwords. Unfortunately, we need put the plaintext password in the > file because of a limitation in the SASL protocol. 8(
Isn't that only true if you implement the CRAM-MD5 mechanism? IOW, PLAIN and LOGIN can be done without storing plaintext passwords. See, for example mailfront and cvm at http://untroubled.org/. --- Charlie
