similar to: MD5-CRYPT/CRAM-MD5 vs SHA512-CRYPT/PLAIN

On 12/06/2014 02:35 AM, Nick Edwards wrote: > On 12/5/14, ML mail <mlnospam at yahoo.com> wrote: >> Hello, >> >> I am wondering which variant is more secure for user authentication and >> password scheme. Basically I am looking at both variants: >> >> 1) MD5-CRYPT password scheme storage with CRAM-MD5 auth mechanism >> 2) SHA512-CRYPT password

Am 6. Dezember 2014 13:10:58 MEZ, schrieb Reindl Harald <h.reindl at thelounge.net>: > >Am 06.12.2014 um 06:56 schrieb Jan Wide?: >> If you add disable_plaintext_auth=yes ssl=required settings, then >> dovecot will drop authentication without STARTTLS. But damage will be >> done, client will send unencrypted (or in this scenario MD5 or SHA512 >> hash)

On 12/5/14, ML mail <mlnospam at yahoo.com> wrote: > Hello, > > I am wondering which variant is more secure for user authentication and > password scheme. Basically I am looking at both variants: > > 1) MD5-CRYPT password scheme storage with CRAM-MD5 auth mechanism > 2) SHA512-CRYPT password scheme storage with PLAIN auth mechanism > > In my opinion the option 2)

Am 06.12.2014 um 06:56 schrieb Jan Wide?: > If you add disable_plaintext_auth=yes ssl=required settings, then > dovecot will drop authentication without STARTTLS. But damage will be > done, client will send unencrypted (or in this scenario MD5 or SHA512 > hash) login/password no, damage will *not* be done STARTTLS happens in context of connect and *log before* any authentication is

Hello, If I try to use the crypt schemes provided by libc. I fail as follows: jnikula at jlaptop:~/$ doveadm pw -s SHA512-CRYPT -p 123456 {SHA512-CRYPT}$6$to2umWLDtqvzS8SV$ZGpBeGNKuUN/2HKG6I2BEAt.Gzrz/y.SZDkos2GT2ik8obnp3XCFWfVsKVriJa6jjHULmLIqCSSyaF5YrTH7u. jnikula at jlaptop:~/$ doveadm pw -t

Hi, Not sure if this is a PBKAC or not:- root at ds3:/usr/share/postfixadmin# doveadm pw -s SHA512-CRYPT -p password {SHA512-CRYPT}$6$aUgGXP0UshkMj7hY$9JV4yMRsjIe/98CzmglYrMjf.9NJ.FXzxcLE9B0v3doCRUWo2wRncc6hg6VCs0DCUHQbeC/bRDZdGCge/nB/h/ root at ds3:/usr/share/postfixadmin# doveadm pw -t

When I login through imap, I can see everything in ~/mail/ just fine. I cannot save to any of them. If I have an autocreate-autosubscribe folder (ZZZ here), it shows up as empty (correct). Then if I save something to it through imap, a file ~/mail/ZZZ appears, but nothing actually gets saved to it. David Griffith dave at 661.org ===begin quote=== # 2.1.7: /etc/dovecot/dovecot.conf # OS:

Hello, I've got dovecot authenticating to a MySQL database. I've got a field varchar(128) called password. Whenever I create a password I use doveadm pw as in: doveadm pw -s sha512-crypt now i'd like to get MySQL to make a dovecot-specific password. My goal is to eventually have roundcube's password plugin working with this MySQL database to change the password. Thanks. Dave.

Le 20/06/2019 ? 11:59, @lbutlr via dovecot a ?crit?: > On 20 Jun 2019, at 02:53, FUSTE Emmanuel via dovecot <dovecot at dovecot.org> wrote: >> There is plenty of context where TLS is not possible/desirable. > I?d say that is terrible advice. There are no reasonable contexts where is it is acceptable to send mail credentials without encryption. My users have had to use STARTTLS

Running postfix+dovecot+mysql on a mac-mini, and trying to solve this puzzle. Is this a Mac issue?, a MySQL issue? or something I haven't configured in? You can see from the output of the samples shows in the first case, that SHA512-CRYPT seems to be Unknown. The code I used is from a Linux based tutorial on setting up Postfix+Dovecot+MySQL on a site. Everything is generally going ok, apart

Hi, I use Debian jessie with Dovecot 2.2.13-11. While writing a script for Horde to change the passwords in my passwd file I noticed doveadm pw -t fails for SHA512-CRYPT: # doveadm pw -s SHA1 -p test {SHA1}qUqP5cyxm6YcTAhz05Hph5gvu9M= # doveadm pw -t {SHA1}qUqP5cyxm6YcTAhz05Hph5gvu9M= -p test {SHA1}qUqP5cyxm6YcTAhz05Hph5gvu9M= (verified) # doveadm pw -s SHA512-CRYPT -p test

Hi, according to changelog 2.2.rc3, dsync should replicate sieve scripts. Do I need turn on or switch some option(s), for this to work? Replication of mailboxes works great, only sieve scripts not. root at mail-1-proidea ~ # dpkg -l dovecot* | grep ^ii ii dovecot-core 2:2.2.15-1~auto+0 amd64 secure POP3/IMAP server - core files ii dovecot-imapd

After upgrading my dovecot installation about a month ago, I have started seeing "Requested CRAM-MD5 scheme, but we have only MD5-CRYPT" message from dovecot in my logs. Any help in finding and correcting the cause will be greatly appreciated. --Richard

/etc/dovecot.conf: auth default { mechanisms=plain login cram-md5 passdb { #.............. Windows Live Mail: CRAM-MD5 authentication failed. This could be due to a lack of memory on your system. Your IMAP command could not be sent to the server, due to non-network errors. This could, for example, indicate a lack of memory on your system. Configuration: Account: Sheltoncomputers

Hi all, Got a question on configuring dovecot, I'm still new at this so I might be doing this all wrong. I want dovecot to authenticate the mail client using CRAM-MD5 so I've setup the config in dovecot.conf: auth default { mechanisms = cram-md5 passdb sql { # Path for SQL configuration file, see doc/dovecot-sql-example.conf args = /etc/dovecot/dovecot-sql.conf

Howdy, I'm using dovecot and mysql users, and i'm creating the password with: ENCRYPT('some-passwd',CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))) So far so good, everything's fine. Today saw that i didn't enabled CRAM-MD5, but if I do, and the (at least) IMAP client (roundcube/thunderbird/etc) issues CRAM-MD5 it doesn't authenticate. What am i doing wrong, or

Hi there, I'm currently running my auth against CRAM-MD5 only. But I face problems with customers who apparently have smart phones which ONLY support plain-text authentification ;( Bad - I know, but what should I do ... ;/ So my question now is: Is it possible to run CRAM-MD5 as well as Plain-Text auth together with Postfix if Postfix is using Dovecot's SASL auth service? Cause

Hi, I'm just in the middle of setting up dovecot to serve IMAPS -- Actually I've finished apart from one thing: CRAM-MD5 passwords. I'm using SQL as a backend for the password storage, and I don't want to store the passwords in plaintext. I've also configured dovecot to be rather restrictive when it comes to authentication methods (only CRAM-MD5 is allowed). To generate the

Hello, I'm running dovecot 1.0-0_12.beta8. Since I have only a very small number of user on that server, I have their names and password in text files, no databases. imap works both via webmail and via Kmail Is it possible to have, for the same user, a plain unencrypted password when connecting via imap on the local interface (needed, as I understand it, to be squirrelmail compatible) and a

hello dovecot community, question; if my user database and dovecot installation is currently setup to use plain login passwords, and i want to convert to cram-md5, after i configure dovecot accordingly and reset passwords into cram-md5, if anyone uses plain login method again in the future, will it still work? or must they always from this point on use encrypted passwords? Thanks. -- Thanks,