Help on CRAM-MD5
Alexander Dalloz
ad+lists at uni-x.org
Wed Jun 19 07:48:30 EEST 2019
Am 19.06.2019 um 00:04 schrieb Jorge Bastos via dovecot:
> Howdy,
>
> I'm using dovecot and mysql users, and i'm creating the password with:
>
> ENCRYPT('some-passwd',CONCAT('$6$', SUBSTRING(SHA(RAND()), -16)))
>
> So far so good, everything's fine.
> Today saw that i didn't enabled CRAM-MD5, but if I do, and the (at least)
> IMAP client (roundcube/thunderbird/etc) issues CRAM-MD5 it doesn't
> authenticate.
> What am i doing wrong, or that can be done so that all types work (SASL
> PLAIN LOGIN + CRAM-MD5)?
>
> Thanks in advanced,
>
For shared secret mechanisms like CRAM-MD5 to work the password must be
stored in plaintext AFAIK. That's a good reason not to offer that.
Alexander
More information about the dovecot
mailing list