4 Mar
2009
4 Mar
'09
12:37 a.m.
On Tue, 2009-03-03 at 10:48 -0800, Bradley Giesbrecht wrote:
I want to allow plain text passwords only on ssl/tls.
The default settings do that.
Is it possible to have: auth default { mechanisms = cram-md5 ntlm
mechanisms = plain cram-md5 ntlm
And then verify that you have disable_plaintext_auth=yes, which is also the default.
When testing make sure you don't test it from local server, because Dovecot treats local IPs as trusted.