libsasl + smtp w/o clear passwd storage?

Dan White dwhite at
Thu Feb 4 21:42:28 EST 2016

On 02/04/16 18:24 -0800, Jan Parcel via Cyrus-devel wrote:
>I think there MUST be a way to use libsasl with smtp without storing 
>passwords in the clear, and ESPECIALLY not on each local system, but 
>nowhere in the docs is an example for how to do so.
>I would think the ldapdb auxprop plugin might be able to do that, or 
>some kind of use_pam? Or ldap without the ldapdb plugin?
>(I realize Kerberos might handle that but I'm looking for a 
>non-Kerberos solution in addition.)
>Thanks for any hints,

The cyrus sasl list is a good resource here.


Good options would be PLAIN or LOGIN, in conjunction with saslauthd, or any
mechanism which is not a shared secret mechanism. 

More information about the Cyrus-devel mailing list