similar to: CRAM-MD5 support?

Hi, after getting dovecot working with PostgreSQL and plaintext passwords I tried to use md5 encrypted passwords with mozilla. www.roughtrade.net/dovecot says that Mozilla only supports CRAM-MD5 and that CRAM-MD5 is included in HEAD. Now I have two questions: 1) Is the md5 hash stored in passdb with cram-md5 the same as in digest-md5? 2) Is a new dovecot stable build planned within the next two

v0.99.11 2004-09-04 Timo Sirainen <tss at iki.fi> + 127.* and ::1 IP addresses are treated as secured with disable_plaintext_auth = yes + auth_debug setting for extra authentication debugging + Some documentation and error message updates + Create PID file in /var/run/dovecot/master.pid + home setting is now optional in static userdb + Added mail setting to static userdb - After

Hello, I've just installed dovecot to replace courier-imap and I've found out it didn't support some of the typical LDAP userPassword schemes, so I've written some based on OpenSSL API. Furthermore I noticed that the MD5 one seems broken. If it isn't a requirement to ship its own implementation of a crypto algorithm, I would send in a patch to replace schema checks with

Hi, due to compatibility issues with mail clients I think I have to use plain text authentication. In order to secure the passwords during their transport I'll use SSL encryption. After reading some documentation I think that I'll have to store the passwords as plain text in the authdb. That is something I dislike very much as it is a (imho) good tradition for unix to store only

Since no-one have complained about previous RCs, I guess it's release time. Since -rc2 I added the ioloop.c assert fix, and 64bit Solaris fix. Here's the full change summary again: v0.99.10.6 2004-06-20 Timo Sirainen <tss at iki.fi> + SHA1 password support using OpenSSL crypto library + mail_extra_groups setting + maildir_stat_dirs setting + Added NAMESPACE capability and

Hello, am I right, that dovecot can't cope with ldap so authentification is handled by ldap itself? And, for that I have to use {CRYPT} and cannot use other mechanisms as {SMD5} Are there any other possibilities? A --

Hey all, A few minutes ago, I installed Dovecot, hoping things would get clear by just looking at the relevant config files, but since they don't, I hope someone here could give me a clue... What I want to achieve is really only basic functionality. It's just for personal use, so it shouldn't get too complicated. Up til now, I have been using fetchmail to get my mail off of several

Hi! I'm trying to use MD5 hashed password in a passwd-file (not the system one). I've set auth_userdb = passwd-file /my/passwd/file auth_passdb = passwd-file /my/passwd/file auth.txt additionally describes a syntax like: auth_userdb = passwd-file[34] /my/passwd/file to denote MD5 passwords in the file, but I've been unable to get any combination of using []'s after

Hi! I'm wondering how close Dovecot can be said to be to 1.0 "Final". How stable can the alpha branch be said to be? I was browsing around the Dovecot homepage, but I couldn't find any answer to this question. I hope it hasn't been asked (too many times) before. Fredrik Tolf

Hi, we are just testing postfix 2.3 in combination with its new dovecot SASL plugin. Now what we would like to have was dovecot SASL without acutally running dovecot ... The reason for this is because we have the "real" dovecot running on a different server than the postfix instance and it would be nice if it would not be necessary running an "full" dovecot on that server for

I'm currently setting up a large mail system, with different services split out onto different machines. What I want is this: machine1: dovecot smtp auth, no pop/imap machine2: dovecot lda, no pop/imap machine3: pop/imap, nothing else machine3 is obviously not the issue. Is there a way to run machine1 and machine2 with just their respective services, but no pop/imap? -- Marshal Newrock

Hey, is http://www.dovecot.org/patches/1.0/quota.tar.gz supposed to work with maildir quota's for virtual mailboxes? Using it with dovecot-lda (cvs) results in DSN Your message was automatically rejected by Sieve, a mail filtering language. The following reason was given: Internal quota calculation error Thanks, Lieven -------------- next part -------------- A non-text attachment was

Hi, Is there any way to use something like OPIE (one-time passwords in everything, S/KEY) with dovecot? Here's what I want to do ultimately: * have an AUTH=XYZ method that relies on S/KEY as provided by the libpam-opie module (well, maybe not through pam) * have dovecot advertise authentication as follows: - local : PLAIN, XYZ - remote (encrypted) : EXTERNAL, and

This seems to be a common topic but I haven't seen anyone ask this exact question and get a decent answer: I use virtual mailboxes with all of the db's in LDAP. Last night I upgraded to the latest CVS version of dovecot and dovecot-lda and got global sieve filtering working by setting the global_script_path to a sieve like /home/vmail/mydomain/sieve and it works great. Now I need to

Some of the things that keep being brought up SEEM TO ME to be a form of IMAP crack that can be accomplished in a much more generalized manner with a little bit of thought. An idea I had a while back was for IMAP views. It accomplishes the four things I keep seeing on this list without being specific to any of them. Consider new configuration variables: rewrite Junk { folder = INBOX search =

Hi, Are there any big Dovecot sites (say 50,000-100,000) users on this list? What sort of hardware do you use. What sort of problems do you see? Many thanks, Jonathan.

Hi Timo, Mozilla 1.5 doesn't understand DIGEST-MD5; it only speaks CRAM-MD5 or PLAIN. Maybe other clients have the same problem. My users like Mozilla, so I wrote new code for Dovecot to speak CRAM-MD5, using your mech-digest-md5.c as a reference. Attached diff in two formats i) for current CVS ii) against last release both tested and working with Mozilla and KMail's CRAM-MD5. I

Dovecot has routines for password hashing; two of these, crypt_generate and md5_generate, both use sizeof(salt_chars) when reducing a random string to salt. I became suspicious when I noted that all salts generated are composed only of "./01". Unfortunately salt_char is declared static const char * rather than static const char [], and so sizeof(salt_chars) is the size of a pointer.

Timo encouraged me to forward this to the list. Basically it pokes the right value into the right place to make quota deltas work properly when saving mail to Maildirs. It's a nasty hack workaround, so don't rely on it without understanding that it should be superseded in future. Without this, saving to a maildir doesn't increment quota. ---