similar to: PATCH: CRAM-MD5 for Dovecot

Hi, after getting dovecot working with PostgreSQL and plaintext passwords I tried to use md5 encrypted passwords with mozilla. www.roughtrade.net/dovecot says that Mozilla only supports CRAM-MD5 and that CRAM-MD5 is included in HEAD. Now I have two questions: 1) Is the md5 hash stored in passdb with cram-md5 the same as in digest-md5? 2) Is a new dovecot stable build planned within the next two

Hi, I'm wondering what is dovecot's support for CRAM-MD5? The mailing list for November 2003 seems to indicate that Timo has included it into the CVS tree, however the ChangeLogs in the latest version does not say anything about it. The online docs has indicated that it's supported, but the doc files in 0.99.10.4 doesn't seem to mention about it.... Thanks in advance.

I?m working on an OS project from github. There are two parts: Dovecot plugin - https://github.com/st3fan/dovecot-xaps-plugin Daemon written in Go - https://github.com/st3fan/dovecot-xaps-daemon # dovecot --version 2.2.10 Both parts worked fine on CentOS 6 but I recently rebuilt them both for CentOS 7 and have run into some errors. The plugin sends a notification over a socket to

Dear all, I wrote the following code to calculate the density functions for two data sets, respectively. den_str <-density(str_data$Similarity); den_non_str <-density(nonstr_data$Similarity); However, I would like to knowing the difference between den_str and den_non_str, that is, the difference between the region under the curve of the den_str and the region under the curve of

Apart from a few warnings (attached), and a bit of patience, the compiler terminates without error. On patience, OBSD has two processes who took almost half the CPU when compiling: reaper and zerothread. Will look into the warnings, and the testing errors (also attached). Let see how it works on this machine. OpenBSD 6.7 (GENERIC.MP) #2: Thu Jun 4 09:55:08 MDT 2020 real mem = 17125511168

I'm not the originator. I'm just trying to do some maintenance on the code to make it work for CentOS 7. I'll check out those two. Any ideas on how to check exactly what's sent via the socket? If the EOF is sent, I know to dig further into the daemon code. Thanks, Steffan Cline steffan at hldns.com 602-793-0014 > On Sep 7, 2017, at 11:43 PM, Aki Tuomi <aki.tuomi at

/etc/dovecot.conf: auth default { mechanisms=plain login cram-md5 passdb { #.............. Windows Live Mail: CRAM-MD5 authentication failed. This could be due to a lack of memory on your system. Your IMAP command could not be sent to the server, due to non-network errors. This could, for example, indicate a lack of memory on your system. Configuration: Account: Sheltoncomputers

After upgrading my dovecot installation about a month ago, I have started seeing "Requested CRAM-MD5 scheme, but we have only MD5-CRYPT" message from dovecot in my logs. Any help in finding and correcting the cause will be greatly appreciated. --Richard

Hi all, Got a question on configuring dovecot, I'm still new at this so I might be doing this all wrong. I want dovecot to authenticate the mail client using CRAM-MD5 so I've setup the config in dovecot.conf: auth default { mechanisms = cram-md5 passdb sql { # Path for SQL configuration file, see doc/dovecot-sql-example.conf args = /etc/dovecot/dovecot-sql.conf

Hi, based on the recent discussion by Bill Cole and Douglas Willcocks I've quickly put together a PHP script which generates MD5 'contexts' for Dovecot's password files: http://www.noerenberg.de/hajo/pub/dovecot_hmacmd5.php.txt The script has not been tested extensively, so use it on your own risk :) Most of the code has been shamelessly stolen from various sources.

We have a plethora of accounts for which we would like to enable CRAM-MD5 but their passwords are stored as MD5 hashes. Is there anything we can do? Can we take a linux MD5 hashed password (e.g. $1$fac330ee$wd6Tll...) and convert it to dovecot's CRAM-MD5 format (e.g. {CRAM-MD5}b3f297...)? Thanks!

On 12/5/14, ML mail <mlnospam at yahoo.com> wrote: > Hello, > > I am wondering which variant is more secure for user authentication and > password scheme. Basically I am looking at both variants: > > 1) MD5-CRYPT password scheme storage with CRAM-MD5 auth mechanism > 2) SHA512-CRYPT password scheme storage with PLAIN auth mechanism > > In my opinion the option 2)

Am 06.12.2014 um 06:56 schrieb Jan Wide?: > If you add disable_plaintext_auth=yes ssl=required settings, then > dovecot will drop authentication without STARTTLS. But damage will be > done, client will send unencrypted (or in this scenario MD5 or SHA512 > hash) login/password no, damage will *not* be done STARTTLS happens in context of connect and *log before* any authentication is

Am 6. Dezember 2014 13:10:58 MEZ, schrieb Reindl Harald <h.reindl at thelounge.net>: > >Am 06.12.2014 um 06:56 schrieb Jan Wide?: >> If you add disable_plaintext_auth=yes ssl=required settings, then >> dovecot will drop authentication without STARTTLS. But damage will be >> done, client will send unencrypted (or in this scenario MD5 or SHA512 >> hash)

Hello, I am wondering which variant is more secure for user authentication and password scheme. Basically I am looking at both variants: 1) MD5-CRYPT password scheme storage with CRAM-MD5 auth mechanism 2) SHA512-CRYPT password scheme storage with PLAIN auth mechanism In my opinion the option 2) should be safer although it is using PLAIN auth mechanism. Of course I would always use STARTTLS and

On 12/06/2014 02:35 AM, Nick Edwards wrote: > On 12/5/14, ML mail <mlnospam at yahoo.com> wrote: >> Hello, >> >> I am wondering which variant is more secure for user authentication and >> password scheme. Basically I am looking at both variants: >> >> 1) MD5-CRYPT password scheme storage with CRAM-MD5 auth mechanism >> 2) SHA512-CRYPT password

Hello all. Im try to make a SMTP Auth using Docecot SASL. Im use swaks for tests. Im store users in LDAP. As im understand for CRAM & DIGEST MD5 we need to store pass in a clear text?... Ok. mail: admin3 at domain.off userPassword: 123 <- Clear text What im do %swaks -a CRAM-MD5 -au admin3 at domain.off -ap 123 To: admin3 at domain.off === Trying mx.domain.off:25... === Connected to

Hi all, I just finished configuring CRAM-MD5 for Dovecot and noted there were not a lot of resources out there that described the process. I've written up a rough and brief HOWTO at: http://www.kartar.net/weblog/cram-md5-authentication-with-dovecot/ Comments welcome and hope it helps someone. Regards James Turnbull -- James Turnbull <james at lovedthanlost.net> --- Author of Pro

Is it possible to use saslauth for digest-md5 or cram-md5 authentication? If so how would one go about configuring dovecot? Thanks, -- Knute Johnson Molon Labe...

Hi there, I'm currently running my auth against CRAM-MD5 only. But I face problems with customers who apparently have smart phones which ONLY support plain-text authentification ;( Bad - I know, but what should I do ... ;/ So my question now is: Is it possible to run CRAM-MD5 as well as Plain-Text auth together with Postfix if Postfix is using Dovecot's SASL auth service? Cause