Re: [Exim] CRAM-MD5 with no clear password

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MSilmar A. Marca at <-
MWakko Warner at ->
Delete this message
Reply to this message
Author: Nico Erfurth
Date:  
To: Silmar A. Marca
CC: exim-users
Subject: Re: [Exim] CRAM-MD5 with no clear password
Silmar A. Marca wrote:
> I store this in MD5 in field pass_md5...

With CRAM the password is NEVER transmitted over the wire, CRAM means
Challenge-Response-Authentication-Mechanism. The idea is to encrypt some
random string with the password on both sides and compare the encrypted
strings. So you need the PLAINTEXT passwords on both sides.

Nico



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [Exim] Re: Problem with exim on internal networkRe: [Exim] how to check if domain doesn't point to local host->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)