Am 08.09.19 um 07:29 schrieb - Neustradamus -: > For a better security, look the RFC6331: Moving DIGEST-MD5 to > Historic: https://tools.ietf.org/html/rfc6331 > <https://tools.ietf.org/html/rfc6331>. > > It is about DIGEST-MD5 (and CRAM-MD5 in the same time). > > You must to inform that SCRAM-SHA-XXX(-PLUS) is here! > > Regards, > > Neustradamus
Dear Neustradamus, you've made your point, now please leave the lobby. Postfix isn't supposed to pamper up the world for what certain combinations of circumstance could do wrong. Your pulling out detail decisions leaves the entire system setup out of the picture, and quite a few of those digest algorithms will require to store UNSALTED UNENCRYPTED passwords server-side vs. cleartext over trusted TLS channels can get away with salted PW hashes that are far harder to break in case of a server-side security breach. You have repeatedly been explained that Postfix pulls in SASL providers by reference, so their lobby is where you should linger. Now please get back to Postfix-related topics that don't assume you can run MTAs without mapping the field first, or stop mailing to the list. Regards Matthias