Well, in fine, I'd like all user's passwords to be stored encrypted into a kerberos server.
Exim does not support (without cyrus-sasl) DIGEST-MD5 and GSSAPI, and it doesn't support bsdauth as a password database. However, with cyrus-sasl, it supports everything I need.
Dovecot doesn't support checking anything against cyrus-sasl, but knows about GSSAPI with its own sasl library.
I don't want to use cyrus-imapd.
What I'd like is to focalize on a centralised authenticator system, and then work on it as needed to make the central authenticator to use the kerberos server. So a patch to make dovecot use exim as an authentication system would be great as exim supports everything I want when linked against cyrus-sasl.
On Mon, 10 Jul 2006 01:07:19 +0800
W B Hacker <wbh@???> wrote:
> Renaud Allard wrote:
>
> *trim*
>
> > In fact, I must admit I would prefer a patch that would let
> > dovecot authenticate against exim (which in turn supports
> > cyrus-sasl libray even for PLAIN, LOGIN,...).
> >
>
>
> You don't need any patches for that, only minor compile-time
> flags and appropriate configuration file settings.
>
> Both Exim and Dovecot will use the auth methods they are told to
> use and will seek the UID:GID and PWD from whatever source(es)
> you point them to, plain, crypted, or both.
>
> As an SSL 'tunnel' also protects the UID and message content as
> well as the <plain> password, we consider it the best and
> simplest approach [1].
>
> Bill
>
> [1] With older MUA that lacked SSL/TLS, we used 'stunnel'.
>
>
>
>
>
> --
> ## List details at http://www.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
>
--
.O.
..O
OOO
PGP key:
http://www.llorien.org/gnupg/key.pub
Insanity: doing the same thing over and over again and expecting different results.
- Albert Einstein