But Fred - there are plain text authenticators and if you use SSL then it's encrypted. These can call to Cyrus SASL which on my setup talks to IMAP using the rimap setting. My point is - why does Exim bother with talking to SASL which talks to IMAP when it could - in theory - talk to IMAP directly and eliminate the SASL layer?

It's a simplicity thing.

Fred Viles wrote:

On 1 Aug 2005 at 11:32, Marc Perkel wrote about
   "Re: [exim] Why doesn't Exim authent":

| Fred Viles wrote:
|...
| >FYI, it wouldn't work with CRAM-MD5 or other one-way-hash SASL
| >mechanisms. The password would not be available for exim to pass to
| >the IMAP server.
|...
| Why wouldn't the password be available?

RTFRFC (RFC 2195, according to spec.txt).

The client does not send the password in plaintext (that's a GOOD thing). It sends a cryptographic hash made from the password and the challenge string sent by the server. The server can't recover the plain text password from the hash (it's a one-way hash); it has to have the plain text password already to hand so it can hash it itself, and verify that the client sent the expected hash.

- Fred






--
Marc Perkel - [EMAIL PROTECTED]

Spam Filter: http://www.junkemailfilter.com
   My Blog: http://marc.perkel.com


--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/
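
The RFC 2195 exchange discussed in this thread, as an added Python example (not code from the thread or from Exim): it shows why a CRAM-MD5 response captured by the SMTP server cannot be passed on to an IMAP backend, while a PLAIN response can. The account name, password and host names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import secrets

def make_challenge(host):
    # RFC 2195 challenge: a msg-id style string, fresh for every attempt.
    return f"<{secrets.randbelow(10**6)}.{secrets.randbelow(10**10)}@{host}>".encode()

def cram_digest(password, challenge):
    # HMAC-MD5 keyed with the shared secret over the server's challenge.
    return hmac.new(password.encode(), challenge, hashlib.md5).hexdigest()

def client_response(user, password, challenge):
    # The wire response is base64("user hexdigest"); no password in it.
    return base64.b64encode(f"{user} {cram_digest(password, challenge)}".encode())

def server_verify(response_b64, challenge, password_db):
    # The verifier must hold the plaintext secret to recompute the digest.
    user, _, digest = base64.b64decode(response_b64).decode().rpartition(" ")
    password = password_db.get(user)
    if password is None:
        return False
    return hmac.compare_digest(cram_digest(password, challenge), digest)

def parse_plain(response_b64):
    # SASL PLAIN carries authzid NUL authcid NUL password, recoverable as-is.
    _authzid, authcid, password = base64.b64decode(response_b64).split(b"\0")
    return authcid.decode(), password.decode()

def demo():
    imap_db = {"marc": "constructed-pw"}          # constructed account
    smtp_chal = make_challenge("mx.example.test")
    resp = client_response("marc", "constructed-pw", smtp_chal)
    ok_direct = server_verify(resp, smtp_chal, imap_db)

    # The IMAP backend issues its own challenge, so the digest the SMTP
    # server received does not verify there, and it has no password to rehash.
    imap_chal = make_challenge("imap.example.test")
    ok_relayed = server_verify(resp, imap_chal, imap_db)

    # With PLAIN the SMTP server holds the password and can log in upstream,
    # which is the rimap-style check described at the top of the thread.
    user, pw = parse_plain(base64.b64encode(b"\0marc\0constructed-pw"))
    ok_forwarded = server_verify(client_response(user, pw, imap_chal),
                                 imap_chal, imap_db)
    return ok_direct, ok_relayed, ok_forwarded

if __name__ == "__main__":
    print(demo())
```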
