On 6/27/2016 2:45 AM, Mark Foley wrote:
While continuing to test gssapi, I thought I check out your suggestion on NTLM v1. I did set Thunderbird to NTLM v1 ...
You are aware, I hope, that NTLM v1 is well over 20 years old and is trivially compromised today. Basically, it's about as secure as sending plaintext passwords. Since you're supporting SSL on your Dovecot server, why not require it, and not bother with NTLM auth?
