Re: [Exim] CRAM-MD5 with no clear password

Góra strony
Delete this message
Reply to this message
Autor: Nico Erfurth
Data:  
Dla: Silmar A. Marca
CC: exim-users
Temat: Re: [Exim] CRAM-MD5 with no clear password
Silmar A. Marca wrote:
> I store this in MD5 in field pass_md5...


With CRAM the password is NEVER transmitted over the wire, CRAM means
Challenge-Response-Authentication-Mechanism. The idea is to encrypt some
random string with the password on both sides and compare the encrypted
strings. So you need the PLAINTEXT passwords on both sides.

Nico