Re: [Exim] saslauthd with IMAP - I love it!

On Apr 28, 2004, at 07:20, Marc Perkel wrote:

> OK - from my last message it appears that even some of you who use
> saslauthd don't realise that it can authenticate with IMAP. So - here's
> how it works.

I don't think that's the point in most of these responses - the
responses are more along the lines of "but why?".

Presumably, if you are using the Cyrus "saslauthd", you are also using
a Cyrus POP3/IMAP server, which in turn presumably uses a SASL password
database to authenticate users (by default, via the "auxprop"
mechanism, as opposed to externally through "saslauthd").

If so, why would you have "saslauthd" authenticate users over the IMAP
protocol, rather than leaving it at its default, where it too consults
the SASL password database directly?

Also beware of a possible loop - if you setup Cyrus to talk to
saslauthd for authentication, and setup saslauthd to authenticate via
the IMAP protocol, you are in (obvious) trouble.

"saslauthd" is cool, but one thing Exim is missing (in its released
version) is the ability to do (DIGEST/CRAM)-MD5 or KRB password
authenticatinon against SASL. It seems that Matt Bernstein's patch
will take care of that.

-tor