libsasl + smtp w/o clear passwd storage?
dwhite at olp.net
Thu Feb 4 21:42:28 EST 2016
On 02/04/16 18:24 -0800, Jan Parcel via Cyrus-devel wrote:
>I think there MUST be a way to use libsasl with smtp without storing
>passwords in the clear, and ESPECIALLY not on each local system, but
>nowhere in the docs is an example for how to do so.
>I would think the ldapdb auxprop plugin might be able to do that, or
>some kind of use_pam? Or ldap without the ldapdb plugin?
>(I realize Kerberos might handle that but I'm looking for a
>non-Kerberos solution in addition.)
>Thanks for any hints,
The cyrus sasl list is a good resource here.
Good options would be PLAIN or LOGIN, in conjunction with saslauthd, or any
mechanism which is not a shared secret mechanism.
More information about the Cyrus-devel