question on cyrus authentication

Erik Myllymaki erik.myllymaki at
Fri Jun 25 12:23:35 EDT 2004

Sebastian Hagedorn wrote:

> Hi,
> -- Erik Myllymaki <erik.myllymaki at> is rumored to have 
> mumbled on Freitag, 25. Juni 2004 7:49 Uhr -0700 regarding question on 
> cyrus authentication:
>> I have a mail server running Exim 4.21 and Cyrus 2.1.17.
>> I use sasldb2 for the passwords. This requires a client that knows
>> CRAM-MD5.
> why would you say that? Most mechanisms work with sasldb ... we don't 
> use Exim but Sendmail, but that shouldn't be relevant.
I see, so somehow I have misconfigured things so that if I use a client 
that tries to send via PLAIN, it will work if the username:password 
provided is a unix logon account for the mailserver, but will NOT work 
if the username:password is in the sasldb2 file...any ideas where I 
could have mucked that one up?

>> I have Exim setup to use the same sasldb2 database for SMTP
>> authentication, as well.
>> So far this has been fine because my clients have been *force-fed*
>> Thunderbird and Squirrelmail as clients and they both understand 
>> CRAM-MD5.
>> Now, I will have 30 more users moving over to this mail server, but they
>> ALL use Outlook Express, and I know that OE does not do CRAM-MD5.
>> Obviously I do not want to start using local user passwords AND sasldb2
>> passwords for all these users (and more to follow). Also, I have to make
>> a decision and deploy it by July 1st.
>> So, my options that I see are:
>> 1.   Force them all to use Thunderbird.
>> 2.   Use local user accounts and passwords for all of them and use 
>> TLS to
>> secure the PLAINTEXT logins. I already have TLS configured.
> You should do that anyway.
>> 3. *Somehow*, configure Cyrus and Exim to allow both PLAINTEXT over TLS
>> and CRAM-MD5 logins.
> That's the best approach. You might also add NTLM
> Greetings, Sebastian
> -- 
> Sebastian Hagedorn M.A. - RZKR-R1 (Flachbau), Zi. 18, Robert-Koch-Str. 10
> Zentrum für angewandte Informatik - Universitätsweiter Service RRZK
> Universität zu Köln / Cologne University - Tel. +49-221-478-55
> 87

Cyrus Home Page:
Cyrus Wiki/FAQ:
List Archives/Info:

More information about the Info-cyrus mailing list