[Exim] Puzzled with the inconsistent way CRAM-MD5 works in E…

Top Page
Delete this message
Reply to this message
Author: ml
Date:  
To: exim-users
Subject: [Exim] Puzzled with the inconsistent way CRAM-MD5 works in Exim
Hi,

I've been using Exim for now more than 1 month and I'm discovering more and more features of this great product.
Bravo.


Now, I must say that I'm really puzzled with the way CRAM-MD5 auth works in Exim.


I don't understand why this way is not consistent with the way PLAIN and LOGIN work.


This way claims the passwd to be stored in plain text somewhere and, as you know, wherever it is stored (LDAP, databases), a plain passwd is not very secure way to work with.


Why can we imagine server_secret as a variable $server_secret (or $2) that would permit with the keyword server_condition to work like a charm :


    ${if crypteq {$server_secret} {....{yes}{no}}


?

WHY ?


db