[Dovecot] Concerned about Dovecot's new NTLM code

Timo Sirainen tss at iki.fi
Wed Sep 29 19:00:31 EEST 2004


On 29.9.2004, at 10:19, Andrew Bartlett wrote:

> The problem is, despite some apparent initial hopes of the authors, PAM
> is effectively plaintext only these days, and what this is about is
> challenge-response NTLMSSP.
>
> Projects like Cyrus-SASL are filling that gap a little, and I have a
> patch I've submitted to them, for the same thing.

BTW. sometimes after v1.0 I've thought about separating dovecot-auth 
into separate library so other servers could use it, similiar to 
Cyrus-SASL library. I'd be interested about getting at least Postfix to 
use it.

The biggest difference between Cyrus-SASL and Dovecot-SASL is that 
Cyrus-SASL is simply a library to use, while Dovecot-SASL is 
client/server making it much easier to use with chrooted/nonprivileged 
processes (Cyrus' saslauthd is plaintext-only AFAIK).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20040929/42e7dcfe/PGP.pgp


More information about the dovecot mailing list