Author: Sheldon Hearn Date: To: The Great Aardvark CC: exim-users Subject: Re: [Exim] PAM nand SPA
On (2003/10/16 03:29), The Great Aardvark wrote:
> Is the following statement accurate:
> "You cannot use the SPA authentication driver with PAM authentication
> because exim needs the (authoritative) plaintext password to do SPA
> authentication. Therefore, if you are setting up exim to
> authenticate MS Outlook users at SMTP time via PAM, then you cannot
> use SPA. And if SPA, then not PAM."
Yes. The nature of the SPA protocol mandates that the server have
access to the client's plaintext password.
The client does not send the server a plaintext password.
Therefore, the server can't give PAM a password to check, and PAM won't
give the server the password either.