[exim-dev] [Bug 2349] New: Add SCRAM-SHA-1/256 Authenticatio…

Página Principal
Apagar esta mensagem
Responder a esta mensagem
Autor: admin
Data:  
Para: exim-dev
Tópicos Novos: [exim-dev] [Bug 2349] Add SCRAM-SHA-1/256 Authentication Methods in Client mode, [exim-dev] [Bug 2349] Add SCRAM-SHA-1/256 Authentication Methods in Client mode, [exim-dev] [Bug 2349] Add SCRAM-SHA-1/256 Authentication Methods in Client mode, [exim-dev] [Bug 2349] Add SCRAM-SHA-1/256 Authentication Methods in Client mode, [exim-dev] [Bug 2349] Add SCRAM-SHA-1/256(-PLUS) Authentication Methods in Client mode, [exim-dev] [Bug 2349] Add SCRAM-SHA-1/256 Authentication Methods in Client mode, [exim-dev] [Bug 2349] Add SCRAM-SHA-1/256 Authentication Methods in Client mode, [exim-dev] [Bug 2349] Add SCRAM-SHA-1/256 Authentication Methods in Client mode, [exim-dev] [Bug 2349] Add SCRAM-SHA-1/256 Authentication Methods in Client mode, [exim-dev] [Bug 2349] Add SCRAM-SHA-1/256 Authentication Methods in Client mode, [exim-dev] [Bug 2349] Add SCRAM-SHA-1/256 Authentication Methods in Client mode, [exim-dev] [Bug 2349] Add SCRAM-SHA-1/256 Authentication Methods in Client mode, [exim-dev] [Bug 2349] Add SCRAM-SHA-1/256 Authentication Methods in Client mode
Assunto: [exim-dev] [Bug 2349] New: Add SCRAM-SHA-1/256 Authentication Methods in Client mode
https://bugs.exim.org/show_bug.cgi?id=2349

            Bug ID: 2349
           Summary: Add SCRAM-SHA-1/256 Authentication Methods in Client
                    mode
           Product: Exim
           Version: N/A
          Hardware: x86-64
                OS: Linux
            Status: NEW
          Severity: wishlist
          Priority: medium
         Component: SMTP Authentication
          Assignee: jgh146exb@???
          Reporter: torsten@???
                CC: exim-dev@???


When I run exim on a satellite System to send mails only to a smarthost
with authentication, I find no way to use SCRAM-SHA-1 as a client setting.

When I check the gsasl code I can only find the settings for the server
version.

To prevend the exposure of a plaintext password when for whatever
reasons DNS/TLS could be redirected to a malicious system.

If SCRAM-SHA-1 could be added, the changes to add also SCRAM-SHA-256
should be small.

Torsten

--
You are receiving this mail because:
You are on the CC list for the bug.