similar to: CRAM-MD5

v0.99.11 2004-09-04 Timo Sirainen <tss at iki.fi> + 127.* and ::1 IP addresses are treated as secured with disable_plaintext_auth = yes + auth_debug setting for extra authentication debugging + Some documentation and error message updates + Create PID file in /var/run/dovecot/master.pid + home setting is now optional in static userdb + Added mail setting to static userdb - After

Hi, I'm wondering what is dovecot's support for CRAM-MD5? The mailing list for November 2003 seems to indicate that Timo has included it into the CVS tree, however the ChangeLogs in the latest version does not say anything about it. The online docs has indicated that it's supported, but the doc files in 0.99.10.4 doesn't seem to mention about it.... Thanks in advance.

Hi, due to compatibility issues with mail clients I think I have to use plain text authentication. In order to secure the passwords during their transport I'll use SSL encryption. After reading some documentation I think that I'll have to store the passwords as plain text in the authdb. That is something I dislike very much as it is a (imho) good tradition for unix to store only

/etc/dovecot.conf: auth default { mechanisms=plain login cram-md5 passdb { #.............. Windows Live Mail: CRAM-MD5 authentication failed. This could be due to a lack of memory on your system. Your IMAP command could not be sent to the server, due to non-network errors. This could, for example, indicate a lack of memory on your system. Configuration: Account: Sheltoncomputers

Since no-one have complained about previous RCs, I guess it's release time. Since -rc2 I added the ioloop.c assert fix, and 64bit Solaris fix. Here's the full change summary again: v0.99.10.6 2004-06-20 Timo Sirainen <tss at iki.fi> + SHA1 password support using OpenSSL crypto library + mail_extra_groups setting + maildir_stat_dirs setting + Added NAMESPACE capability and

Hello, am I right, that dovecot can't cope with ldap so authentification is handled by ldap itself? And, for that I have to use {CRYPT} and cannot use other mechanisms as {SMD5} Are there any other possibilities? A --

Hi! I'm trying to use MD5 hashed password in a passwd-file (not the system one). I've set auth_userdb = passwd-file /my/passwd/file auth_passdb = passwd-file /my/passwd/file auth.txt additionally describes a syntax like: auth_userdb = passwd-file[34] /my/passwd/file to denote MD5 passwords in the file, but I've been unable to get any combination of using []'s after

> Password schemes: HMAC-MD5, RPA, SKEY, PLAIN-MD4, LANMAN, NTLM, SMD5 The web is flooded with plain text passwords and hashed passwords harvested from hacked servers. Dovecot stores passwords with the same scheme used for client authentication. Therefore, we use crammd5/hmac-md5. It does not look like much, but is better than plaintext. As md5 is about to go, and I have no intention to

Hello, I've just installed dovecot to replace courier-imap and I've found out it didn't support some of the typical LDAP userPassword schemes, so I've written some based on OpenSSL API. Furthermore I noticed that the MD5 one seems broken. If it isn't a requirement to ship its own implementation of a crypto algorithm, I would send in a patch to replace schema checks with

hi, i setup a new mail server (dovecot-0.99.10.7) with ldap authentication (openldap-2.1.29-2). everything works properly until i switch the user's password from crypt to md5 in the ldap server (of course in this case in the ldap server it stores es {MD5}.... but dovecot gives such error messages: ----------------------- dovecot-auth: Jul 29 17:30:08 Info: ldap(lfarkas at x.com): password

I don't desagree with your vision, but if the use of CRAM-XXXX has to use plaint text password's on the server there's a dark side, or there's a CRAM-XXX that can use encrypted on server side? There's always the thing that can clients don't support it. I think i'm not wrong with what i said, On 20 Jun 2019, at 02:53, FUSTE Emmanuel via dovecot <dovecot at

hello dovecot community, question; if my user database and dovecot installation is currently setup to use plain login passwords, and i want to convert to cram-md5, after i configure dovecot accordingly and reset passwords into cram-md5, if anyone uses plain login method again in the future, will it still work? or must they always from this point on use encrypted passwords? Thanks. -- Thanks,

After upgrading my dovecot installation about a month ago, I have started seeing "Requested CRAM-MD5 scheme, but we have only MD5-CRYPT" message from dovecot in my logs. Any help in finding and correcting the cause will be greatly appreciated. --Richard

Hi all, Got a question on configuring dovecot, I'm still new at this so I might be doing this all wrong. I want dovecot to authenticate the mail client using CRAM-MD5 so I've setup the config in dovecot.conf: auth default { mechanisms = cram-md5 passdb sql { # Path for SQL configuration file, see doc/dovecot-sql-example.conf args = /etc/dovecot/dovecot-sql.conf

We have a plethora of accounts for which we would like to enable CRAM-MD5 but their passwords are stored as MD5 hashes. Is there anything we can do? Can we take a linux MD5 hashed password (e.g. $1$fac330ee$wd6Tll...) and convert it to dovecot's CRAM-MD5 format (e.g. {CRAM-MD5}b3f297...)? Thanks!

Howdy, I'm using dovecot and mysql users, and i'm creating the password with: ENCRYPT('some-passwd',CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))) So far so good, everything's fine. Today saw that i didn't enabled CRAM-MD5, but if I do, and the (at least) IMAP client (roundcube/thunderbird/etc) issues CRAM-MD5 it doesn't authenticate. What am i doing wrong, or

Le 20/06/2019 ? 12:25, @lbutlr via dovecot a ?crit?: > On 20 Jun 2019, at 04:14, Jorge Bastos via dovecot <dovecot at dovecot.org> wrote: >> I don't desagree with your vision, but if the use of CRAM-XXXX has to use >> plaint text password's on the server there's a dark side, or there's a >> CRAM-XXX that can use encrypted on server side? There's

Hello. dovecot 2.2.26.0 When testing nopassword extra field (http://wiki2.dovecot.org/PasswordDatabase/ExtraFields) with CRAM-MD5 dovecot doesn't allow any password (while it should) and returns " Authentication failed" while in logs: Nov 17 08:22:34 auth-worker(1551): Info: sql(pepe,127.0.0.1,<Y8amDXpBptV/AAAB>): Requested CRAM-MD5 scheme, but we have a NULL password

Hello all. Im try to make a SMTP Auth using Docecot SASL. Im use swaks for tests. Im store users in LDAP. As im understand for CRAM & DIGEST MD5 we need to store pass in a clear text?... Ok. mail: admin3 at domain.off userPassword: 123 <- Clear text What im do %swaks -a CRAM-MD5 -au admin3 at domain.off -ap 123 To: admin3 at domain.off === Trying mx.domain.off:25... === Connected to