similar to: Problems in auth when switching from PLAIN-MD5

Hello, world! I have a long-running Dovecot & Postfix installation using PostgreSQL back-end. Until now I've been using MD5 hashing but would like to "upgrade" to the salted SSHA512. Is there a way to configure Dovecot so that it would automatically detect the type of the hash stored in the database, so that users who have changed their password (and thus being hashed with

I config postfix+mysql+dovecot for SASL SMTP autentication. It works if set: default_pass_scheme = PLAIN and store plain-text password in mysql I'm change default_pass_scheme = PLAIN with default_pass_scheme = PLAIN-MD5 an store password in mysql with md5('passwd') and dovecotpw -s PLAIN-MD5 -p test {PLAIN-MD5} and md5("test") = 098f6bcd4621d373cade4e832627b4f6 but

Hi all, Got a question on configuring dovecot, I'm still new at this so I might be doing this all wrong. I want dovecot to authenticate the mail client using CRAM-MD5 so I've setup the config in dovecot.conf: auth default { mechanisms = cram-md5 passdb sql { # Path for SQL configuration file, see doc/dovecot-sql-example.conf args = /etc/dovecot/dovecot-sql.conf

Hello! I'm storing passwords as MD5 hashes in a MySQL database and have specified "default_pass_scheme = PLAIN-MD5" in dovecot-sql.conf. Can Dovecot append or prepend a salt to a password before hashing them? Because without salt the plaintext passwords can be restored from the MD5 hashes using rainbow tables. Greetings Steffen Weber

i use last dovecot rc23 with users/passwords in mysql 1) How can i define a sql query for each auth mechanism ? 2)Why i can't set "default_pass_scheme = login" in my dovecot-sql.conf? : dovecot: Feb 21 09:46:22 Info: auth(default): client in: AUTH 1 PLAIN service=IMAP secured lip=127.0.0.1 rip=127.0.0.1 resp=AGFkaUBhZHJpYW4uZXUAcGFyb2xh dovecot: Feb 21

/etc/dovecot.conf: auth default { mechanisms=plain login cram-md5 passdb { #.............. Windows Live Mail: CRAM-MD5 authentication failed. This could be due to a lack of memory on your system. Your IMAP command could not be sent to the server, due to non-network errors. This could, for example, indicate a lack of memory on your system. Configuration: Account: Sheltoncomputers

Hello all. Im try to make a SMTP Auth using Docecot SASL. Im use swaks for tests. Im store users in LDAP. As im understand for CRAM & DIGEST MD5 we need to store pass in a clear text?... Ok. mail: admin3 at domain.off userPassword: 123 <- Clear text What im do %swaks -a CRAM-MD5 -au admin3 at domain.off -ap 123 To: admin3 at domain.off === Trying mx.domain.off:25... === Connected to

Hi, I've installed Gluster Storage Platform on two servers (mirror) and mounted the volume on a client. I had to mount it using "mount -t glusterfs <MANAGEMENT_SERVER>:<VOLUMENAME-ON-WEBGUI>-tcp <MOUNTPOINT>" because I didn't had a vol file and couldn't generate one with volgen because we don't have shell access to the gluster server right? How can

Hi! Dovecot is now a nearly 20 year old product, and during that time it has accumulated many different features and plugins in its core repository. We are starting to gradually remove some of these parts, which are unused, untested or deprecated. We will provide advance notification before removing anything. To start, the following features are likely to be removed in next few releases of

Hi! Dovecot is now a nearly 20 year old product, and during that time it has accumulated many different features and plugins in its core repository. We are starting to gradually remove some of these parts, which are unused, untested or deprecated. We will provide advance notification before removing anything. To start, the following features are likely to be removed in next few releases of

On 1/9/2015 4:07 PM, Jyri Hovila [Turvamies.fi] wrote: > Hello, world! > > I have a long-running Dovecot & Postfix installation using PostgreSQL > back-end. > > Until now I've been using MD5 hashing but would like to "upgrade" to > the salted SSHA512. > > Is there a way to configure Dovecot so that it would automatically > detect the type of the hash

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> Those plugins can be resurrected with simple `git revert`. </div> <div> <br> </div> <div> Are you planning on open sourcing your client id authetication plugin? </div> <div> <br> </div>

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi everyone, I want to use dovecot as a IMAP and POP3 proxy in front of our current E-Mail hosting server to log the plain text passwords of all successful logins for migration reasons. Actually I don't need the password to see in plain text, storing them as SHA256-CRYPT (or something dovecot can use later for auth) hash in a file or DB would be

So I am on of the many users with qmail, and using vpopmail auth, I guess chatting with some other guys in the other mailing list we will convert to mysql driver but this is a lot of work for many people. I do understand dropping things out but a valid solutions needs to be proposed. Remo > On Mar 18, 2020, at 06:49, Michael Peddemors <michael at linuxmagic.com> wrote: > >

When using CRYPT to encrypt the password, you must put the following in dovecot-sql.conf.ext default_pass_scheme = CRYPT I hope this can help more people, in addition to leave you as I did my query: password_query = \ SELECT password \ FROM users WHERE login = '%u -- editor de sue?os

Hi List. I've got a dovecot running with mysql. All my users data are there. But I intend to use MD5 instead of clear passwords at MySQL. Someone can help-me? []s; Andrey Here's my dovecot-mysql.conf: # Dovecot queries db_host = localhost db_unix_socket = /var/lib/mysql/mysql.sock db_port = 3306 db = mail db_user = my_conn_user db_passwd = my_conn_passwd # # Pehapes i need to

Hi, I read a lot of howto's and I got problems with LDAP and Dovecot to work together. I'm using: Gentoo Linux 2008.0 hardened Dovecot 1.1.7 Kernel 2.6.26 OpenLDAP 2.3.43 My dovecot-ldap.conf is: uris = ldaps://auth.mydomain.com:636 auth_bind = yes auth_bind_userdn = uid=%u,ou=People,dc=mydomain,dc=com ldap_version = 3 base = ou=People,dc=mydomain,dc=com deref = never scope = subtree

After I found out that {CRYPT} doesn't support passwords longer than 8 characters, I decided to switch over to MD5 for user passwords in my LDAP database. However, while I have no problem with Postfix + SASL, Dovecot fails to authenticate. Relevant bits from /etc/dovecot-ldap.conf: user_attrs = mailAddress,,,,, # The search string is identical to what's found in /etc/saslauthd.conf:

Hi! We appreciate the feedback we have received from everyone, and we have discussed it internally. The features we are removing are deprecated and should not have been used anymore. They all have alternatives that work equally well if not better. For the authentication drivers, you can use passwd, pam and Lua as replacements for most of them. Lua in particular allows good integration with just

> On Jan 25, 2017, at 1:09 AM, Alessio Cecchi <alessio at skye.it> wrote: > > Il 24/01/2017 23:29, @lbutlr ha scritto: >> dovecot is setup on a system with MD5-CRYPT password scheme for all users, and I would like to update this to something that is secure, probably SSHA256-CRYPT, but I want to do this seamlessly without the users having to jump through any hoops. >>