[Dovecot] SQL field format for digest-md5?

Darren Pilgrim list_dovecot at bluerosetech.com
Tue Dec 23 23:51:16 EET 2008

Timo Sirainen wrote:
> On Dec 23, 2008, at 8:57 PM, Darren Pilgrim wrote:
>> I'm enabling digest-md5 authentication with "user at example.com"  
>> username and plain-text passwords stored in a MySQL database.  What  
>> should the password field contain in order to work with digest-md5?   
>> Would the following:
>> SELECT CONCAT('{digest-md5}', MD5(CONCAT(username, '::', password)))  
>> AS password ...
>> be correct?
> Don't try to do anything special. Just:
> SELECT username as user, password FROM ..

That's what I already have.  It works for plain, login and cram-md5; 
however, but digest-md5 fails.  Reading the wiki page[1] for digest-md5 
says the user at example.com username format breaks because I'm not using 
realms.  My options are either set auth_realms or store passwords using 
the DIGEST-MD5 scheme.  I'm trying to do the later since I can't 
realistically set or maintain auth_realms.

1: http://wiki.dovecot.org/Authentication/Mechanisms/DigestMD5

More information about the dovecot mailing list