On Tue, 2025-08-12 at 12:21 +1000, Viktor Dukhovni via Postfix-users wrote: > Outdated threat model. DO NOT do this. Use a PAM backend with strong > password hashes.
Aha. > The PLAIN mechanism DOES NOT REQUIRE cleartext password storage, and > SHOULD be deployed with a backend that stores password hashes. Aha. > No, the Postfix filter is optional, if you're willing to tolerate whatever > mechanisms SASL offers, and with the Postfix filter set, it should be > possible to let SASL adverise whatever mechanisms it has available. You > should not have to set both. I've never done it. Aha. Thanks for that, Viktor. Many pointers for the SASL README. James _______________________________________________ Postfix-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
