Hello
auth_mechanisms are only for encrypting passwords while authenticating. They have nothing to do with transport encryption aka TLS and STARTTLS.
You only can use CRAM-MD5 when your authentication source provides plain passwords. As you use password hashes in your authentication source, you have to disable it. Else a client will try to send you the CRAM-MD encrypted password, which you can not check for validity.
Hope this clears it a bit.
Kind regards, Christian Mack
On 01.12.21 23:26, absolutely_free@libero.it wrote:
Hi, I wondering if I can simply disable CRAM-MD5 and/or DIGEST-MD5. Are they useful in case of SSL or TLS connections? Thankyou
Il 01/12/2021 18:42 Aki Tuomi <aki.tuomi@open-xchange.com> ha scritto:
auth_mechanisms = plain login digest-md5 cram-md5
You still advertise them though.
Aki
-- Christian Mack Universität Konstanz Kommunikations-, Informations-, Medienzentrum (KIM) Abteilung IT-Dienste Forschung und Lehre 78457 Konstanz +49 7531 88-4416