<div dir="ltr"><div dir="ltr"><br></div><br><div class="gmail_quote"><div dir="ltr">On Thu, 20 Dec 2018 at 15:23, Aki Tuomi <<a href="mailto:aki.tuomi@open-xchange.com">aki.tuomi@open-xchange.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><u></u>
<div>
<div>
<br>
</div>
<blockquote type="cite">
<div>
On 20 December 2018 at 14:10 Odhiambo Washington <
<a href="mailto:odhiambo@gmail.com" target="_blank">odhiambo@gmail.com</a>> wrote:
</div>
<div>
<br>
</div>
<div>
<br>
</div>
<div>
You've made this more difficult to understand, even :-)
</div>
<div>
<br>
</div>
<div>
So the answer is:
</div>
<div>
Set the following in 10-auth.conf
</div>
<div>
<br>
</div>
<div>
1. disable_plaintext_auth = no
</div>
<div>
2. auth_mechanisms = plain
</div>
<div>
<br>
</div>
<div>
And yes, the encrypted passwords are stored in MySQL.
</div>
<div>
<br>
</div>
<div></div>
</blockquote>
<div>
<br>
</div>
<div>
You cannot use hashed passwords with digest-md5 mechanism.
</div>
<div>
<br>
</div>
<div>
Aki</div></div></blockquote><div><br></div><div>So, for the record, whenever passwords are hashed, digest-md5 should be disabled/removed from auth_mechanisms.</div><div><br></div><div>My question though - for purposes of understanding - how does dovecot take the sent password from a client and match it against the hashed one stored in the DB (in my case)? What happens in between the process?</div><div></div></div><div><br></div>-- <br><div dir="ltr" class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div>Best regards,<br>Odhiambo WASHINGTON,<br>Nairobi,KE<br>+254 7 3200 0004/+254 7 2274 3223<br>"<span style="font-size:12.8px">Oh, the cruft.</span><span style="font-size:12.8px">", </span><span style="font-size:12.8px">grep ^[^#] :-)</span></div></div></div></div></div></div>