Re: [Exim] PAM nand SPA

Góra strony
Delete this message
Reply to this message
Autor: Sheldon Hearn
Data:  
Dla: The Great Aardvark
CC: exim-users
Temat: Re: [Exim] PAM nand SPA
On (2003/10/16 03:29), The Great Aardvark wrote:

> Is the following statement accurate:
> "You cannot use the SPA authentication driver with PAM authentication
> because exim needs the (authoritative) plaintext password to do SPA
> authentication. Therefore, if you are setting up exim to
> authenticate MS Outlook users at SMTP time via PAM, then you cannot
> use SPA. And if SPA, then not PAM."


Yes. The nature of the SPA protocol mandates that the server have
access to the client's plaintext password.

The client does not send the server a plaintext password.

Therefore, the server can't give PAM a password to check, and PAM won't
give the server the password either.

Ciao,
Sheldon.