[Dovecot] Problem with DIGEST-MD5 authentication and plainte xt passwords

Matthew Reimer mreimer at vpop.net
Tue Nov 18 00:53:57 EET 2003


Maikel Verheijen wrote:
> For what it's worth:
> 
> We use postgres userlookups, and use an older version of dovecot (an old 
> cvs version of around 0.99.9.1), and we DO use digest-md5 password 
> encryption in the database and realms. It seems to work flawlessly in 
> our situation, I used kmail, evolution, apple-mail, entourage, outlook, 
> outlook-express and mutt.
> 
> 
> Have there been changes in the digest-md5 code since 0.99.9.1 ?
> 
> 
> Kind regards,
> 
> 
> Maikel Verheijen
> Ladot Nederland BV.

The problem is not with passwords that are stored in the db in 
digest-md5 format (i.e., as an md5 hash of user:realm:password), but 
with dovecot's password_generate() that takes the username and password 
and hashes it on the fly.

Matt



More information about the dovecot mailing list