[Dovecot] Problem with DIGEST-MD5 authentication and plaintext passwords
Matthew Reimer
mreimer at vpop.net
Wed Nov 12 03:09:19 EET 2003
I wasn't able to get DIGEST-MD5 authentication working with passwords
stored as plaintext until I tweaked password_generate() to make it not
use the domain portion of user at domain.com as the realm. Both evolution
and kmail send the email address as the username with no realm; when
dovecot tries to convert the username to user + realm, the hash is
different and so DIGEST-MD5 authentication fails. Having
password_generate() hash user at domain.com::password instead of
user:domain.com:password fixes it. I need this to work because I need to
support all of PLAIN, CRAM-MD5, and DIGEST-MD5 at the same time.
Timo, do you think this is a proper fix, or are kmail and evolution broken?
Matt
More information about the dovecot
mailing list