At 16:07 11-12-2009, Shane Chrisp wrote:
Ro Achterberg wrote:
You will need to enable plain text passwords in the database to be
able to use cram-md5.
In dovecot-sql.conf, I tried setting default_pass_scheme to both
PLAIN and PLAIN-MD5, but none of which seemed to work. I'm probably
missing the point.
Did you perhaps mean to have vpopmail store the user passwords in
plain text? I'm just checking, because to me it seems to lower
security and it seems to defeat the purpose of working with hashed
passwords. Could you please confirm this?
Yes, thats what I meant by my comment. You need the plain text
passwords in the vpopmail database. Having plain text passwords in
the database doesn't necessarily lower the security as your database
can be on a host which is not accessable to anything by the
authenticating machine.
Shane
Thanks, I'll be trying that now. I agree with you on the security
impact if you in fact had the luxury of building a setup like that.
Unfortuntaly though, my colo box provides for a lot more than just an
e-mail authentication backend.
I do however have it tightly locked down in a rather complex chrooted
setup on top of a grsec hardened kernel, so I won't be worrying about
it too much.
Thanks for your help!
Bye, Ro
!DSPAM:4b2262ce32718688460864!
