Please - correct me if I'm wrong - auxprop sasldb versus saslauthd sasldb
Sascha Vogt
cyradm at papa.at
Sun Aug 24 18:21:55 EDT 2008
Reinaldo de Carvalho schrieb:
>> As far as I understand, both should authenticate against users in
>> /etc/sasldb2 and provide the same mechanisms.
>>
>> I'm asking becaus on my Debian Etch 4.0r4a (stable) variant 1 works, but
>> variant 2 doesn't and I dont know why. But I want to offer CRAM-MD5 and
>> DIGEST-MD5 too and this is AFAIK only possible with variant 2.
>>
>>
>
> saslauthd receive password as cleartext to be compatible with many
> lookup types (pam, ldap, mysql). You must use TLS/SSL to improve
> security.
>
>
Yes, you are right. That's planned, but not the question.
Sascha
More information about the Cyrus-sasl
mailing list