question on cyrus authentication

Erik Myllymaki erik.myllymaki at
Fri Jun 25 10:49:58 EDT 2004

I have a mail server running Exim 4.21 and Cyrus 2.1.17.

I use sasldb2 for the passwords. This requires a client that knows  
I have Exim setup to use the same sasldb2 database for SMTP 
authentication, as well.

So far this has been fine because my clients have been *force-fed* 
Thunderbird and Squirrelmail as clients and they both understand CRAM-MD5.

Now, I will have 30 more users moving over to this mail server, but they 
ALL use Outlook Express, and I know that OE does not do CRAM-MD5. 
Obviously I do not want to start using local user passwords AND sasldb2 
passwords for all these users (and more to follow). Also, I have to make 
a decision and deploy it by July 1st.

So, my options that I see are:

1.   Force them all to use Thunderbird.

2.   Use local user accounts and passwords for all of them and use TLS 
to secure the PLAINTEXT logins. I already have TLS configured.

3. *Somehow*, configure Cyrus and Exim to allow both PLAINTEXT over TLS 
and CRAM-MD5 logins.

Your comments and criticisms appreciated.

Cyrus Home Page:
Cyrus Wiki/FAQ:
List Archives/Info:

More information about the Info-cyrus mailing list