similar to: DIGEST-MD5 Authentication

On 19.6.2019 7.48, Alexander Dalloz via dovecot wrote: > Am 19.06.2019 um 00:04 schrieb Jorge Bastos via dovecot: >> Howdy, >> >> I'm using dovecot and mysql users, and i'm creating the password with: >> >> ENCRYPT('some-passwd',CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))) >> >> So far so good, everything's fine. >>

Hello, The world is not black or white. Yes CRAM-MD5 is old and his successor SCRAM-XXXXXX is not widely available/implemented which is sad. For your need, use TLS and forget about it. Thunderbird is conservative. If you don't configure TLS or TLS is not available, it try to use something that not expose the password. There is plenty of context where TLS is not possible/desirable. And

Trying to update to dovecot-1.0.alpha5 and seeing this at compile time: mech-gssapi.o mech-gssapi.c; then mv -f ".deps/mech-gssapi.Tpo" ".deps/mech-gssapi.Po"; else rm -f ".deps/mech-gssapi.Tpo"; exit 1; fi mech-gssapi.c:30:27: gssapi/gssapi.h: No such file or directory mech-gssapi.c:42: error: syntax error before "gss_ctx_id_t" mech-gssapi.c:51: error:

Hi, yesterday lib-sql got driver-sqlpool with some changes in Makefile.am, but these changes in makefile works only for --with-sql=yes. When --with-sql=plugin is used build fails with: libtool --tag=CC --mode=link gcc -std=gnu99 -O2 -g -pipe -Wall -Wp,- D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 - m64 -mtune=generic -Wall -W -Wmissing-prototypes

Hey, I noticed that there was an ioloop "module" (if we can call it that) for select and poll and decided to add one for kqueue (aka kevent) BSDs high performance descriptor multiplexing API. I haven't done any of the configure glue stuff but the code is complete and works well. kqueue is available on all recent versions of FreeBSD, NetBSD, OpenBSD and Darwin (and therefore MacOS

Hi... Here''s a working Perl script that I want to be able to do in Ruby: use WWW::Mechanize; my $url = "http://host/tt?name=chris"; my $mech = WWW::Mechanize->new(); $mech->add_header( Referer => "http://chrismcmahonsblog.blogspot.com" ); $mech->add_header( Cookie => "messageid=170118; memberid=1007"); $mech->get($url) so the header

Hi All, I *think* it's ddply because the function recognizes vr1, etc, in other parts of the function. Here's some code: # create dataset PROV.PM.FBCTS <- c(0.00 ,0.00, 33205.19, 25994.56, 23351.37, 26959.56 ,27632.58, 26076.24, 0.00, 0.00 , 6741.42, 18665.09 ,18129.59 ,21468.39 ,21294.60 ,22764.82, 26076.73) FBCTS.INV.TOT <- c(0 , 0, 958612, 487990, 413344, 573347,

Le 20/06/2019 ? 12:25, @lbutlr via dovecot a ?crit?: > On 20 Jun 2019, at 04:14, Jorge Bastos via dovecot <dovecot at dovecot.org> wrote: >> I don't desagree with your vision, but if the use of CRAM-XXXX has to use >> plaint text password's on the server there's a dark side, or there's a >> CRAM-XXX that can use encrypted on server side? There's

I'm seeing a lot of activity over the last two days with what looks to be a kiddie script. Mostly trying to access several of our servers with the username anna. All failed... in fact I don't think we have a user anna on any of our servers. Meanwhile... I'm running Sendmail. This pertains to Centos 4 and 5 servers. I'm also running fail2ban on some and Ossec on others. So far,

Le 20/06/2019 ? 11:59, @lbutlr via dovecot a ?crit?: > On 20 Jun 2019, at 02:53, FUSTE Emmanuel via dovecot <dovecot at dovecot.org> wrote: >> There is plenty of context where TLS is not possible/desirable. > I?d say that is terrible advice. There are no reasonable contexts where is it is acceptable to send mail credentials without encryption. My users have had to use STARTTLS

On 8/13/20 10:56 AM, Aki Tuomi wrote: > >> On 13/08/2020 11:31 Michael Str?der <michael at stroeder.com> wrote: >> I'm trying to update openSUSE package on OBS [1] which builds for >> various OS versions and hardware platforms. To me it seems that a test >> fails on 32bit platforms: >> >> Info: invalid token 3: structure length disagrees with data

Trying to compile 1.1rc8 from scratch on FreeBSD 6.3 as well as from the dovecot-devel port and I get an error when trying to include gssapi. gcc -DHAVE_CONFIG_H -I. -I../.. -I../../src/lib -I../../src/lib-sql -I../../src/lib-settings -I../../src/lib-ntlm -I../../src/lib-otp -DAUTH_MODULE_DIR=\""/usr/local/lib/dovecot/auth"\"

Hello I'm attempting to configure Dovecot with mysql support so I'm able to have a single database of users and point both postfix and dovecot to this db. I currently have an rpm src that I have download and placed in my RPMBUILDROOT of my linux box. Next I configured the .spec file and attempted to run a rpmbuild -bb Near the end of the install phase I receive an error which has me

On 18/08/20 2:15 pm, Peter wrote: > I'm getting the same issue on a CentOS 6 i386 build: > > test-mech.c:371: Assert(#1) failed: strcmp(test_case->username,username) > ??????? "testuser" != NULL > test-mech.c:380: Assert(#1) failed: request->failed == FALSE > auth mech APOP 2/84 .................................................. : > FAILED > >

Hi Guys, Unoffical patch for mech-plain so the AUTH PLAIN command works with SQL (and possibly other DBs). Thunderbird should work again after this. --- mech-plain.c 2004-12-10 01:56:51.065987304 +0000 +++ mech-plain.c 2004-12-10 01:53:16.974534152 +0000 @@ -27,7 +27,10 @@ authid = (const char *) data; authenid = NULL; pass = ""; - count = 0; +

to improve forensic log info i want to set the PAM_RHOST value to the remote ip (which pam logs as rhost=foo in failure messages). i didn't look to see if anything has been done in this way on CVS because i'm still on 0.99.10.6. below is a bit of a hack. in some sense the remote_ip might make more sense in the AUTH_LOGIN_REQUEST_NEW packet rather than the continue packet... but that

Hi This is my 1st time here so please be gentle. I have encountered one problem since upgrading from 2.0.19 to 2.2.9 which has me beat. The system provides sasl auth services via inet to a postfix 2.11 system. Since the upgrade postfix complains of no sasl methods available. The same dovecot configuration is used on both versions. Now I get these results looking at the inet connection Version

I have built dovecot with kerberos support, however am not able to log in using GSSAPI support in my mail client. I receive the following error: SASL(-4): no mechanism available: No worthy mechs found Additionally, Digest-MD5 does not work - I receive an authentication failed (as though I have an incorrect password) if I try to use it. I am using PostgreSQL for authentication, and returning

Hai, ? I have some strange things and i cant figure out whats going on. The problem is the my domain users and the extra Domain Admin ( Admin )? cant access my member server ( and shares ) ? ? When?i login with the DOMAIN\Administrator it all works fine, can access all shares not popups with authorisation requests. ? but as DOMAIN\Admin ( has the same rights as domain Administrator ), is added

Hi all, Have anyone had problems with Exhange 2003 servers trying to use sasl against Postfix+Dovecot SASL using the AUTH LOGIN Mechanism ? I've done some smtp debugging, and it seems that Exchange sends the usename at the same time as AUTH LOGIN i.e: AUTH LOGIN <base64_username> It then expects to be able to send the password. mech-login.c silently discards all data after AUTH