[Dovecot] Concerned about Dovecot's new NTLM code

Andrew Bartlett abartlet at samba.org
Wed Sep 29 10:19:37 EEST 2004


On Wed, 2004-09-29 at 10:24, Skye Poier wrote:
> Word on the street is John Peacock said:
> > This is a long winded way of saying that I would be interested in seeing 
> > the Dovecot code offer more ways of tying into backend authentication 
> > sources and I know from personal experience that Samba is an important part 
> > of such an effort...
> 
> Isn't this exactly what PAM is for?

The problem is, despite some apparent initial hopes of the authors, PAM
is effectively plaintext only these days, and what this is about is
challenge-response NTLMSSP.  

Projects like Cyrus-SASL are filling that gap a little, and I have a
patch I've submitted to them, for the same thing.  

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at samba.org
Authentication Developer, Samba Team            http://samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20040929/7c7b2087/attachment.pgp


More information about the dovecot mailing list