Re: Help on CRAM-MD5

2019-06-20 Thread Alexander Dalloz via dovecot
Am 20.06.2019 um 12:28 schrieb FUSTE Emmanuel via dovecot: Le 20/06/2019 à 11:59, @lbutlr via dovecot a écrit : On 20 Jun 2019, at 02:53, FUSTE Emmanuel via dovecot wrote: There is plenty of context where TLS is not possible/desirable. I’d say that is terrible advice. There are no

Re: Help on CRAM-MD5

2019-06-20 Thread Benny Pedersen via dovecot
Jorge Bastos via dovecot skrev den 2019-06-20 11:56: Users have access to SSL and TLS so it's fine, it's their options to use or not. why ssl/tls at all then ? if useers have choices, thay use less secure one first

RE: Help on CRAM-MD5

2019-06-20 Thread Jorge Bastos via dovecot
Emmanuel & Ibutlr, I meant to say something-MD5, my fault, -Original Message- From: dovecot On Behalf Of FUSTE Emmanuel via dovecot Sent: Thursday, June 20, 2019 11:32 To: dovecot@dovecot.org Subject: Re: Help on CRAM-MD5 Le 20/06/2019 à 12:25, @lbutlr via dovecot a écrit : >

Re: Help on CRAM-MD5

2019-06-20 Thread FUSTE Emmanuel via dovecot
Le 20/06/2019 à 12:25, @lbutlr via dovecot a écrit : > On 20 Jun 2019, at 04:14, Jorge Bastos via dovecot > wrote: >> I don't desagree with your vision, but if the use of CRAM- has to use >> plaint text password's on the server there's a dark side, or there's a >> CRAM-XXX that can use

Re: Help on CRAM-MD5

2019-06-20 Thread FUSTE Emmanuel via dovecot
Le 20/06/2019 à 11:59, @lbutlr via dovecot a écrit : > On 20 Jun 2019, at 02:53, FUSTE Emmanuel via dovecot > wrote: >> There is plenty of context where TLS is not possible/desirable. > I’d say that is terrible advice. There are no reasonable contexts where is it > is acceptable to send mail

Re: Help on CRAM-MD5

2019-06-20 Thread @lbutlr via dovecot
On 20 Jun 2019, at 04:14, Jorge Bastos via dovecot wrote: > I don't desagree with your vision, but if the use of CRAM- has to use > plaint text password's on the server there's a dark side, or there's a > CRAM-XXX that can use encrypted on server side? There's always the thing > that can

RE: Help on CRAM-MD5

2019-06-20 Thread Jorge Bastos via dovecot
I don't desagree with your vision, but if the use of CRAM- has to use plaint text password's on the server there's a dark side, or there's a CRAM-XXX that can use encrypted on server side? There's always the thing that can clients don't support it. I think i'm not wrong with what i said, On

Re: Help on CRAM-MD5

2019-06-20 Thread @lbutlr via dovecot
On 20 Jun 2019, at 02:53, FUSTE Emmanuel via dovecot wrote: > There is plenty of context where TLS is not possible/desirable. I’d say that is terrible advice. There are no reasonable contexts where is it is acceptable to send mail credentials without encryption. My users have had to use

RE: Help on CRAM-MD5

2019-06-20 Thread Jorge Bastos via dovecot
Subject: Re: Help on CRAM-MD5 Hello, The world is not black or white. Yes CRAM-MD5 is old and his successor SCRAM-XX is not widely available/implemented which is sad. For your need, use TLS and forget about it. Thunderbird is conservative. If you don't configure TLS or TLS is not available

Re: Help on CRAM-MD5

2019-06-20 Thread FUSTE Emmanuel via dovecot
> > -Original Message- > From: dovecot On Behalf Of Aki Tuomi via dovecot > Sent: 19 de junho de 2019 07:31 > To: Alexander Dalloz ; dovecot@dovecot.org > Subject: Re: Help on CRAM-MD5 > > > On 19.6.2019 7.48, Alexander Dalloz via dovecot wrote: >> Am 1

RE: Help on CRAM-MD5

2019-06-19 Thread Jorge Bastos via dovecot
; dovecot@dovecot.org Subject: Re: Help on CRAM-MD5 On 19.6.2019 7.48, Alexander Dalloz via dovecot wrote: > Am 19.06.2019 um 00:04 schrieb Jorge Bastos via dovecot: >> Howdy, >> >> I'm using dovecot and mysql users, and i'm creating the password with: >> >> ENCRYPT('som

Re: Help on CRAM-MD5

2019-06-19 Thread Aki Tuomi via dovecot
On 19.6.2019 7.48, Alexander Dalloz via dovecot wrote: > Am 19.06.2019 um 00:04 schrieb Jorge Bastos via dovecot: >> Howdy, >> >> I'm using dovecot and mysql users, and i'm creating the password with: >> >> ENCRYPT('some-passwd',CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))) >> >> So far so good,

Re: Help on CRAM-MD5

2019-06-18 Thread Alexander Dalloz via dovecot
Am 19.06.2019 um 00:04 schrieb Jorge Bastos via dovecot: Howdy, I'm using dovecot and mysql users, and i'm creating the password with: ENCRYPT('some-passwd',CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))) So far so good, everything's fine. Today saw that i didn't enabled CRAM-MD5, but if I do,

Re: Help on CRAM-MD5

2019-06-18 Thread @lbutlr via dovecot
> On 18 Jun 2019, at 16:56, Shaun Johnson via dovecot > wrote: > > On Tue, 18 Jun 2019 16:41:06 -0600 > "@lbutlr via dovecot" wrote: > >> What is the reason for wanting to enable CRAM-MD5? That was intended >> to use on unsecured connections; you should not be allowing >> authentication on

Re: Help on CRAM-MD5

2019-06-18 Thread Shaun Johnson via dovecot
On Tue, 18 Jun 2019 16:41:06 -0600 "@lbutlr via dovecot" wrote: > What is the reason for wanting to enable CRAM-MD5? That was intended > to use on unsecured connections; you should not be allowing > authentication on unsecured connections in 2019. > > Establish a secure submission on port 587

Re: Help on CRAM-MD5

2019-06-18 Thread @lbutlr via dovecot
On 18 Jun 2019, at 16:04, Jorge Bastos via dovecot wrote: > I'm using dovecot and mysql users, and i'm creating the password with: > > ENCRYPT('some-passwd',CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))) Why not just use the builtin tool in dovecot? doveadm pw -s SHA256-CRYPT -p