--- Maybe you should change your DB-Password: You sent it to the list inside the atteched file: password=06549...3acd port=3306 ---
Your problem with cram-md5 is, that you have "default_pass_scheme = CRYPT" in /etc/dovecot/dovecot-sql.conf. As mentioned in this text from my last mail, you need to change the schema your passwords are stored in: >>> On http://wiki.dovecot.org/Authentication/PasswordSchemes you'll find >>> under "Non-plaintext authentication mechanisms": >>> "The problem with non-plaintext auth mechanisms is that the password >>> must be stored either in plaintext, or using a mechanism-specific scheme >>> that's incompatible with all other non-plaintext mechanisms. In >>> addition, the mechanism-specific schemes often offer very little >>> protection. This isn't a limitation of Dovecot, it's a requirement for >>> the algorithms to even work. >>> >>> For example if you're going to use CRAM-MD5 authentication, the password >>> needs to be stored in either PLAIN or CRAM-MD5 scheme. If you want to >>> allow both CRAM-MD5 and DIGEST-MD5, the password must be stored in >>> plaintext. " You'll have to set an other default scheme in your /etc/dovecot/dovecot-sql.conf and recreate your passwords in the db. Read more in above mentioned URL. Or you can prefix every password with its scheme, but i don't remember details. Willi Am 23.02.2017 um 15:35 schrieb Poliman - Serwis: > "Now i understand, that you want to add cram-md5 to the mechs, but to > authenticate still against the sql-db?" Hehe no. I have cram-md5 and when I > try sql-db I can't send emails. > I use ubuntu server 14.04.5 lts with 16.04 kernel. I found out that Postfix > logs go to mail.log and mail.err files. > "dovecot logs for the mentioned two cases?" - which two cases? :) > dovecot-sql.conf output in attachement. > "maybe a link to the mentioned dovecot threat" - do You mean tutorial based > on I setup cram-md5 in dovecot? > > 2017-02-23 15:26 GMT+01:00 wilfried.es...@essignetz.de < > wilfried.es...@essignetz.de>: > >> Now i understand, that you want to add cram-md5 to the mechs, but to >> authenticate still against the sql-db? >> >> >> On http://wiki.dovecot.org/Authentication/PasswordSchemes you'll find >> under "Non-plaintext authentication mechanisms": >> "The problem with non-plaintext auth mechanisms is that the password >> must be stored either in plaintext, or using a mechanism-specific scheme >> that's incompatible with all other non-plaintext mechanisms. In >> addition, the mechanism-specific schemes often offer very little >> protection. This isn't a limitation of Dovecot, it's a requirement for >> the algorithms to even work. >> >> For example if you're going to use CRAM-MD5 authentication, the password >> needs to be stored in either PLAIN or CRAM-MD5 scheme. If you want to >> allow both CRAM-MD5 and DIGEST-MD5, the password must be stored in >> plaintext. " >> >> Does that possibly point out your problem? >> >> >> Otherwise please provide >> - dovecot logs for the mentioned two cases? >> - contnet of /etc/dovecot/dovecot-sql.conf? >> - maybe a link to the mentioned dovecot threat. >> >> Did you find your postfix logs? Which system do you use? >> >> >> Willi >> >>
