On 10-12-28 4:19 PM, Jan-Frode Myklebust wrote:
So maybe save a salted hash of the password in memcached for this
comparison instead ?
That password needs to be known by SOGo - because it needs to push its
cleartext version to the IMAP server.
The password could be hashed using a string shared across all SOGo
cluster members - that would buy a false sense of security for a little
while.
--
Ludovic Marcotte
[email protected] :: +1.514.755.3630 :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
(www.packetfence.org)
--
[email protected]
https://inverse.ca/sogo/lists
