question on cyrus authentication

[Sebastian Hagedorn]

Hi,

-- Erik Myllymaki <erik.myllymaki at aviawest.com> is rumored to have mumbled 
on Freitag, 25. Juni 2004 7:49 Uhr -0700 regarding question on cyrus 
authentication:

> I have a mail server running Exim 4.21 and Cyrus 2.1.17.
>
> I use sasldb2 for the passwords. This requires a client that knows
> CRAM-MD5.

why would you say that? Most mechanisms work with sasldb ... we don't use 
Exim but Sendmail, but that shouldn't be relevant.

> I have Exim setup to use the same sasldb2 database for SMTP
> authentication, as well.
>
> So far this has been fine because my clients have been *force-fed*
> Thunderbird and Squirrelmail as clients and they both understand CRAM-MD5.
>
> Now, I will have 30 more users moving over to this mail server, but they
> ALL use Outlook Express, and I know that OE does not do CRAM-MD5.
> Obviously I do not want to start using local user passwords AND sasldb2
> passwords for all these users (and more to follow). Also, I have to make
> a decision and deploy it by July 1st.
>
> So, my options that I see are:
>
> 1.   Force them all to use Thunderbird.
>
> 2.   Use local user accounts and passwords for all of them and use TLS to
> secure the PLAINTEXT logins. I already have TLS configured.

You should do that anyway.

> 3. *Somehow*, configure Cyrus and Exim to allow both PLAINTEXT over TLS
> and CRAM-MD5 logins.

That's the best approach. You might also add NTLM

Greetings, Sebastian
--
Sebastian Hagedorn M.A. - RZKR-R1 (Flachbau), Zi. 18, Robert-Koch-Str. 10
Zentrum für angewandte Informatik - Universitätsweiter Service RRZK
Universität zu Köln / Cologne University - Tel. +49-221-478-5587
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
Url : https://lists.andrew.cmu.edu/mailman/private/info-cyrus/attachments/20040625/51fe9571/attachment.bin