[Dovecot] Authentication trouble.
Timo Sirainen
tss at iki.fi
Thu Dec 22 19:50:28 EET 2005
On Fri, 2005-12-16 at 18:50 -0500, Michael Peters wrote:
> * BAD [ALERT] Plaintext authentication is disabled, but your client sent
> password in plaintext anyway. If anyone was listening, the password was
> exposed.
You probably would want to just use SSL/TLS. Or you could allow
plaintext authentication by setting disable_plaintext_auth=no
> *I have tried adding digest-md5 cram-md5 and shadow but Dovecot will not
> start.*
> auth default {
> # Space separated list of wanted authentication mechanisms:
> # plain digest-md5 cram-md5 apop anonymous gssapi
> mechanisms = plain
>
> *Dovecot will not start when I tried these options. Maybe I am entering
> this wrong?*
>
> passdb shadow { /etc/shadow
> }
> passdb passwd { /etc/passwd
> }
CRAM-MD5 and DIGEST-MD5 require passwords to be either in plaintext
format or in a special kind of a format. You can't use /etc/shadow with
anything else than plaintext authentication.
More information about the dovecot
mailing list