Am 06.12.2014 um 06:56 schrieb Jan Wideł:
If you add disable_plaintext_auth=yes ssl=required settings, then
dovecot will drop authentication without STARTTLS. But damage will be
done, client will send unencrypted (or in this scenario MD5 or SHA512
hash) login/password
no, damage will *not* be
Am 6. Dezember 2014 13:10:58 MEZ, schrieb Reindl Harald
h.rei...@thelounge.net:
Am 06.12.2014 um 06:56 schrieb Jan Wideł:
If you add disable_plaintext_auth=yes ssl=required settings, then
dovecot will drop authentication without STARTTLS. But damage will be
done, client will send unencrypted
Am 06.12.2014 um 14:40 schrieb Daniel Parthey:
Am 6. Dezember 2014 13:10:58 MEZ, schrieb Reindl Harald
h.rei...@thelounge.net:
Am 06.12.2014 um 06:56 schrieb Jan Wideł:
If you add disable_plaintext_auth=yes ssl=required settings, then
dovecot will drop authentication without STARTTLS. But
W dniu 2014-12-06 13:10, Reindl Harald napisał(a):
Am 06.12.2014 um 06:56 schrieb Jan Wideł:
If you add disable_plaintext_auth=yes ssl=required settings, then
dovecot will drop authentication without STARTTLS. But damage will be
done, client will send unencrypted (or in this scenario MD5 or
On 12/5/2014 3:24 AM, ML mail wrote:
Hello,
I am wondering which variant is more secure for user authentication and
password scheme. Basically I am looking at both variants:
1) MD5-CRYPT password scheme storage with CRAM-MD5 auth mechanism
2) SHA512-CRYPT password scheme storage with PLAIN
On 12/5/14, ML mail mlnos...@yahoo.com wrote:
Hello,
I am wondering which variant is more secure for user authentication and
password scheme. Basically I am looking at both variants:
1) MD5-CRYPT password scheme storage with CRAM-MD5 auth mechanism
2) SHA512-CRYPT password scheme storage
On 12/06/2014 02:35 AM, Nick Edwards wrote:
On 12/5/14, ML mail mlnos...@yahoo.com wrote:
Hello,
I am wondering which variant is more secure for user authentication and
password scheme. Basically I am looking at both variants:
1) MD5-CRYPT password scheme storage with CRAM-MD5 auth