search for: crammd5

> Password schemes: HMAC-MD5, RPA, SKEY, PLAIN-MD4, LANMAN, NTLM, SMD5 The web is flooded with plain text passwords and hashed passwords harvested from hacked servers. Dovecot stores passwords with the same scheme used for client authentication. Therefore, we use crammd5/hmac-md5. It does not look like much, but is better than plaintext. As md5 is about to go, and I have no intention to store passwords in plaintext, I need to split the scheme used to store passwords from the scheme used for authentication, and migrate storage from md5 to bcrypt. Since this is not...

Hi All, I use dovecot (v2.3.4) with a SQL backend for user authentication, passwords are stored in CRAMMD5 format. My SMTP server uses "doveadm auth" via auth-socket to perform sender authentification. To shut down SMTP access for hacked passwords I want to have a dedicated flag in the user database to allow/disallow SMTP for a user withouth disabling his account for IMAP. So, is there any o...

v0.99.11 2004-09-04 Timo Sirainen <tss at iki.fi> + 127.* and ::1 IP addresses are treated as secured with disable_plaintext_auth = yes + auth_debug setting for extra authentication debugging + Some documentation and error message updates + Create PID file in /var/run/dovecot/master.pid + home setting is now optional in static userdb + Added mail setting to static userdb - After

/etc/dovecot.conf: auth default { mechanisms=plain login cram-md5 passdb { #.............. Windows Live Mail: CRAM-MD5 authentication failed. This could be due to a lack of memory on your system. Your IMAP command could not be sent to the server, due to non-network errors. This could, for example, indicate a lack of memory on your system. Configuration: Account: Sheltoncomputers

I use dovecot 1.0rc25 in dovecot.conf: auth default { mechanisms = LOGIN CRAM-MD5 DIGEST-MD5 PLAIN APOP passdb sql { args=/etc/dovecot-crammd5.conf } passdb sql { args=/etc/dovecot-sql.conf } userdb sql { args=/etc/dovecot-sql.conf } } in dovecot-sql.conf: driver = mysql connect = host=/var/run/mysql/mysql.sock port= dbname=mail user=vmailuser password=vmailpassword password_query = SELECT clear AS password , user FROM mailbox WHERE use...

...ked" or similar flag in the password_query and user_query on your sql config? Sami > On 18 Jan 2020, at 10.30, Oliver Welter <mail at oliwel.de> wrote: > > Hi All, > > I use dovecot (v2.3.4) with a SQL backend for user authentication, > passwords are > stored in CRAMMD5 format. > > My SMTP server uses "doveadm auth" via auth-socket to perform sender > authentification. To shut down SMTP access for hacked passwords I want > to have a dedicated flag in the user database to allow/disallow SMTP for > a user withouth disabling his account for...

...-MD4, LANMAN, NTLM, SMD5 <br> <br>The web is flooded with plain text passwords and hashed passwords harvested from hacked servers. <br> <br>Dovecot stores passwords with the same scheme used for client authentication. <br> <br>Therefore, we use crammd5/hmac-md5. It does not look like much, but is better than plaintext. <br> <br>As md5 is about to go, and I have no intention to store passwords in plaintext, I need to split the scheme used to store passwords from the scheme used for authentication, and migrate storage from md5 to...

...<br> > <br>The web is flooded with plain text passwords and hashed passwords harvested from hacked servers. > <br> > <br>Dovecot stores passwords with the same scheme used for client authentication. > <br> > <br>Therefore, we use crammd5/hmac-md5. It does not look like much, but is better than plaintext. > <br> > <br>As md5 is about to go, and I have no intention to store passwords in plaintext, I need to split the scheme used to store passwords from the scheme used for authentication, and migrate storage f...

...ks: yes maildir_copy_preserve_filename: yes mail_drop_priv_before_exec: yes mail_executable: /bin/imap.sh mail_plugins: quota imap_quota auth default: mechanisms: PLAIN CRAM-MD5 default_realm: testing.net cache_size: 256 worker_max_count: 100 passdb: driver: sql args: /etc/dovecot-crammd5.conf userdb: driver: prefetch plugin: quota: maildir

...odules/imap mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 auth default: mechanisms: plain login cram-md5 passdb: driver: sql args: /etc/dovecot/dovecot-sql.conf passdb: driver: sql args: /etc/dovecot/dovecot-crammd5.conf userdb: driver: sql args: /etc/dovecot/dovecot-sql.conf socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix master: path: /var/run/dovecot/auth-master mode: 384...

...</div> <div> Hi All, </div> <div> <br> </div> <div> I use dovecot (v2.3.4) with a SQL backend for user authentication, </div> <div> passwords are </div> <div> stored in CRAMMD5 format. </div> <div> <br> </div> <div> My SMTP server uses "doveadm auth" via auth-socket to perform sender </div> <div> authentification. To shut down SMTP access for hacked passwords I want </div>...

Hi, after getting dovecot working with PostgreSQL and plaintext passwords I tried to use md5 encrypted passwords with mozilla. www.roughtrade.net/dovecot says that Mozilla only supports CRAM-MD5 and that CRAM-MD5 is included in HEAD. Now I have two questions: 1) Is the md5 hash stored in passdb with cram-md5 the same as in digest-md5? 2) Is a new dovecot stable build planned within the next two

.../dovecot/modules/imap mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 auth default: mechanisms: plain login cram-md5 passdb: driver: sql args: /etc/dovecot/dovecot-sql.conf passdb: driver: sql args: /etc/dovecot/dovecot-crammd5.conf userdb: driver: passwd userdb: driver: sql args: /etc/dovecot/dovecot-sql.conf socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix master: path: /var/run/dovecot/auth-master...

...ntal) [no] ],,) diff -ur cyrus-sasl-2.1.15/plugins/makeinit.sh cyrus-sasl-2.1.15-2/plugins/makeinit.sh --- cyrus-sasl-2.1.15/plugins/makeinit.sh 2003-02-19 05:28:49.000000000 +1100 +++ cyrus-sasl-2.1.15-2/plugins/makeinit.sh 2003-11-12 15:09:49.000000000 +1100 @@ -1,4 +1,4 @@ -for mech in anonymous crammd5 digestmd5 gssapiv2 kerberos4 login ntlm otp plain srp; do +for mech in anonymous crammd5 digestmd5 gssapiv2 kerberos4 login ntlm gssspnego otp plain srp; do echo " #include <config.h> diff -ur cyrus-sasl-2.1.15/plugins/ntlm.c cyrus-sasl-2.1.15-2/plugins/ntlm.c --- cyrus-sasl-2.1.15/p...