question on cyrus authentication

Sebastian Hagedorn Hagedorn at
Fri Jun 25 12:09:04 EDT 2004


-- Erik Myllymaki <erik.myllymaki at> is rumored to have mumbled 
on Freitag, 25. Juni 2004 7:49 Uhr -0700 regarding question on cyrus 

> I have a mail server running Exim 4.21 and Cyrus 2.1.17.
> I use sasldb2 for the passwords. This requires a client that knows

why would you say that? Most mechanisms work with sasldb ... we don't use 
Exim but Sendmail, but that shouldn't be relevant.

> I have Exim setup to use the same sasldb2 database for SMTP
> authentication, as well.
> So far this has been fine because my clients have been *force-fed*
> Thunderbird and Squirrelmail as clients and they both understand CRAM-MD5.
> Now, I will have 30 more users moving over to this mail server, but they
> ALL use Outlook Express, and I know that OE does not do CRAM-MD5.
> Obviously I do not want to start using local user passwords AND sasldb2
> passwords for all these users (and more to follow). Also, I have to make
> a decision and deploy it by July 1st.
> So, my options that I see are:
> 1.   Force them all to use Thunderbird.
> 2.   Use local user accounts and passwords for all of them and use TLS to
> secure the PLAINTEXT logins. I already have TLS configured.

You should do that anyway.

> 3. *Somehow*, configure Cyrus and Exim to allow both PLAINTEXT over TLS
> and CRAM-MD5 logins.

That's the best approach. You might also add NTLM

Greetings, Sebastian
Sebastian Hagedorn M.A. - RZKR-R1 (Flachbau), Zi. 18, Robert-Koch-Str. 10
Zentrum für angewandte Informatik - Universitätsweiter Service RRZK
Universität zu Köln / Cologne University - Tel. +49-221-478-5587
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
Url :

More information about the Info-cyrus mailing list