[Dovecot] Confused about "Authentication Mechanism" and "Password Schemes"

Miha Vrhovnik miha.vrhovnik at cordia.si
Thu Jan 10 14:00:56 EET 2013


 

On 10.01.2013 12:44, Thomas Pries wrote: 

> Hi,
> 
> I am currently
setting up a Mailserver and decided to use Dovecot as 
>
IMAP/POP3-Server. I read the wiki an thought about how to transmit and

> store the passwords (I want to use a MySQL-database).
> 
> I want to
use encrypted transmission and encrypted storage. The wiki says:
> 
>
"If you want to use only one non-plaintext mechanism, you can store the

> passwords using the mechanism's own password scheme. "
> 
> Ok, one
secure mechanism is acceptable in my scenario and the wiki gives 
> a
list of supported authentication mechanisms and a list of supported 
>
password schemes.
> 
> But I am missing the relation between the two
lists, which mechanism 
> expects which storage scheme?
> 
> Did I
overlooked any easy answer (other then "read the RFCs").
> 
> Best
Regards
> Thomas

Hi Thomas, 

its quite simple. If you store the
passwords in database in plain text then your server can use any
authentication algorithm available. however if you store
encrypted/hashed passwords, then the only two available authentication
algorithms is: plain as the dovecot needs to properly encode the
password 

Regards, 

M 
 


More information about the dovecot mailing list