Dear List
It might be of interest to some exim3 users how you can configure exim3
to allow both kind of authentication mechanisms cram-md5 over non-SSL
and plain over SSL at the same time. You find the "Debian Exim Secure
Authentification Pseudo-HOW-TO" I wrote at:
http://ente.limmat.ch/kb/exim/exim_v3_secure_auth.html
which answers this question.
The problems to solve for such a configuration were tricky:
- Sharing password files between exim and an IMAP/POP3 server
(They may not use the same separator character).
- The option "auth_over_tls_hosts" forces not only plain to use
SSL but also cram-md5 to use it. So a different approach must
be used.
- RBLs are checked before a client can present its authentication
information and access may be rejected.
I hope this can be useful for someone of the exim3 nostalgia fraction.
Regards, Adrian.