From: José Luis Tallón (no email)
Date: Wed May 01 2002 - 14:32:37 EDT
At 18:58 1/05/2002 +0200, you wrote:
>Hi all!
>
>I'm using postfix as mta and have sasl enabled for authentication.
>
>Now I want to check the passwords against my mysqldb (where also my
>courier-imap is). Then I would have only one central point where users have
>there passwords for their mail. And as its mysql, also the webmailer could
>use it.
I did it with PAM: tell SASL to auth against PAM, and use the pam-mysql
module.
However, in a second thought, I think this approach wouldn't work with *BSD
out there ( or am I wrong? PAM already ported? )
>So long, in the sasl documentation it says that mysql can only be used in
>conjunction with plain.
Well, if you only store _plain_ passwords... One can store crypt()ed
passwords in another column.
>But my postfix tells AUTH LOGIN PLAIN CRAM-MD5 DIGEST-MD5.
>
>And most email programms will switch to cram or digest, whats good for
>security, but as I'm also using TLS plain would be no problem.
So then? why not stay with PLAIN and let TLS care about security ?
-
To unsubscribe, send mail to with content
(not subject): unsubscribe postfix-users
|
|
|