Re: [exim] TLS SASL authentiation error 535

Góra strony
Delete this message
Reply to this message
Autor: Alexander Carver
Data:  
Dla: exim-users
Temat: Re: [exim] TLS SASL authentiation error 535
On 2015-09-05 12:03, Jeremy Harris wrote:
> On 05/09/15 19:54, AC wrote:
>> Until this thread I didn't know that the
>> password is base64 encoded in the AUTH PLAIN debug output (before it's
>> printed as plain text in $auth3 otherwise). I assumed it was a hashed
>> string so I didn't expect it to match every time.
>
> Because of this, restricting plaintext auth methods to encrypted
> connections is a good move.
>

Yes, I would agree. I have mine set up to use a TLS encrypted
connection started by STARTTLS. Is there a way to combine the SASL
authentication with a hashing algorithm or is STARTTLS+PLAIN sufficient?